enable oval checks for audit tools on fedora and fix failing tests

Author: Arden97

shared/checks/oval/audit_rules_auditctl.xml

@@ -18,7 +18,7 @@
     <ind:object object_ref="object_audit_rules_auditctl" />
   </ind:textfilecontent54_test>
   <ind:textfilecontent54_object id="object_audit_rules_auditctl" version="1">
-{{% if product in ['rhel10', 'ol10'] %}}
+{{% if product in ['fedora', 'rhel10', 'ol10'] %}}
     <ind:filepath>/usr/lib/systemd/system/audit-rules.service</ind:filepath>
     <ind:pattern operation="pattern match">^ExecStart=\/sbin\/auditctl.*$</ind:pattern>
   {{% else %}}

shared/checks/oval/audit_rules_augenrules.xml

@@ -18,7 +18,7 @@
     <ind:object object_ref="object_audit_rules_augenrules" />
   </ind:textfilecontent54_test>
   <ind:textfilecontent54_object id="object_audit_rules_augenrules" version="1">
-  {{% if product in ['rhel10', 'ol10']  %}}
+  {{% if product in ['fedora', 'rhel10', 'ol10']  %}}
     <ind:filepath>/usr/lib/systemd/system/audit-rules.service</ind:filepath>
     <ind:pattern operation="pattern match">^ExecStart=(\/usr|)?\/sbin\/augenrules.*$</ind:pattern>
   {{% else %}}

shared/macros/20-test-scenarios.jinja

@@ -15,6 +15,23 @@ This macro changes the configuration of the audit service so that it looks like
 {{%- endmacro -%}}
 
 
+{{#
+This macro changes the configuration of the audit service so that it looks like augenrules is used to load rules.
+#}}
+
+{{%- macro setup_augenrules_environment () -%}}
+  {{% if product in ["fedora", "ol10", "rhel10"] %}}
+  sed -i "s%^ExecStart=.*%ExecStart=/sbin/augenrules%" /usr/lib/systemd/system/audit-rules.service
+  {{% else %}}
+  {{% if product == "sle15" %}}
+  sed -i "s%^#ExecStartPost=.*%ExecStartPost=-/sbin/augenrules%" /usr/lib/systemd/system/auditd.service
+  {{% else %}}
+  sed -i "s%^ExecStartPost=.*%ExecStartPost=-/sbin/augenrules%" /usr/lib/systemd/system/auditd.service
+  {{% endif %}}
+  {{% endif %}}
+{{%- endmacro -%}}
+
+
 {{#
 This macro is used by pam_account_password_faillock template to initialize
 the external variable and parameter value to a desired state.

shared/templates/audit_rules_watch/tests/augenrules_correct.pass.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
+
 path={{{ PATH }}}
 style={{{ audit_watches_style }}}
 filter_type={{{ FILTER_TYPE }}}

shared/templates/audit_rules_watch/tests/augenrules_correct_extra_permission.pass.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
+
 path={{{ PATH }}}
 style={{{ audit_watches_style }}}
 filter_type={{{ FILTER_TYPE }}}

shared/templates/audit_rules_watch/tests/augenrules_correct_without_key.pass.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
+
 path={{{ PATH }}}
 style={{{ audit_watches_style }}}
 filter_type={{{ FILTER_TYPE }}}

shared/templates/audit_rules_watch/tests/augenrules_remove_all_rules.fail.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
+
 path={{{ PATH }}}
 style={{{ audit_watches_style }}}
 filter_type={{{ FILTER_TYPE }}}

shared/templates/audit_rules_watch/tests/augenrules_wrong_rule.fail.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
+
 path={{{ PATH }}}
 style={{{ audit_watches_style }}}
 filter_type={{{ FILTER_TYPE }}}

shared/templates/audit_rules_watch/tests/augenrules_wrong_rule_without_key.fail.sh

@@ -1,6 +1,8 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
+
 path={{{ PATH }}}
 style={{{ audit_watches_style }}}
 filter_type={{{ FILTER_TYPE }}}

shared/templates/audit_rules_watch/tests/rules_not_there.fail.sh

@@ -1,6 +1,7 @@
 #!/bin/bash
 # packages = audit
 
+{{{ setup_augenrules_environment() }}}
 
 rm -f /etc/audit/rules.d/*
 > /etc/audit/audit.rules