oscap
=====
.. py:module:: oscap
Module Contents
---------------
.. py:function:: parse_xml(path)
Parse an XML file, yielding tuples of
(frames, elements)
where each is an ordered list of namespace-free tag names ('frames') and the
actual ElementTree objects ('elements') as it appears during a top-down
recursive traversal.
The yielded tuples are returned as child-first (as the parser *exits* the
elements) in order to return complete Element objects.
Ie. for a <Tag1> containing <Tag2>, this would yield:
(['Tag1', 'Tag2'], [Element <Tag1> at 0x...>, <Element 'Tag2' at 0x...>])
(['Tag1'], [Element <Tag1> at 0x...>])
The intention is for the caller to match a specific part of the XML file
by comparing the last N members of the frames list, and/or the element list,
extracting further details from the last element.
.. py:class:: Datastream(xml_file)
.. py:attribute:: FixType
.. py:attribute:: profiles
.. py:attribute:: rules
.. py:attribute:: path
.. py:method:: has_remediation(rule)
Return True if 'rule' has bash remediation, False otherwise.
.. py:method:: get_all_profiles_rules()
Return a deduplicated unified set of all rules from all profiles.
.. py:function:: global_ds()
.. py:function:: rule_from_verbose(line)
Get (rulename, status) from an oscap info verbose output line.
Return None if the input line is not a valid oscap verbose result line.
.. py:function:: rules_from_verbose(lines)
Yield (rulename, status) from oscap info verbose output lines.
.. py:function:: report_from_verbose(lines)
Report results from oscap output.
Note that this expects 'oscap xccdf eval' to be run:
- with --progress
- with stdout parsed into lines, fed to this function
- with stderr discarded or left on the console
.. py:function:: unselect_rules(orig_ds, new_ds, rules)
Given
- a source XML file path as 'orig_ds',
- a destination XML file path as 'new_ds',
- an iterable of rules (partial or full rule names),
copy the source datastream to the destination one, disabling the
specified rules.