From ce360380944e89a69990824eb5bffe53f7817687 Mon Sep 17 00:00:00 2001
From: Miha Purg
Date: Thu, 5 Dec 2024 10:02:27 +0100
Subject: [PATCH] Improve regex in sudo_defaults_option oval The oval now fails if the sudo defaults option is preceeded by a '!' character (negated option).
---
.../sudo/sudo_add_use_pty/tests/use_pty_disabled.fail.sh | 6 ++++++
shared/templates/sudo_defaults_option/oval.template | 2 +-
2 files changed, 7 insertions(+), 1 deletion(-)
create mode 100644 linux_os/guide/system/software/sudo/sudo_add_use_pty/tests/use_pty_disabled.fail.sh
diff --git a/linux_os/guide/system/software/sudo/sudo_add_use_pty/tests/use_pty_disabled.fail.sh b/linux_os/guide/system/software/sudo/sudo_add_use_pty/tests/use_pty_disabled.fail.sh
new file mode 100644
index 00000000000..774b96c1b84
--- /dev/null
+++ b/linux_os/guide/system/software/sudo/sudo_add_use_pty/tests/use_pty_disabled.fail.sh
@@ -0,0 +1,6 @@
+#!/bin/bash
+# platform = multi_platform_all
+# packages = sudo
+
+sed '/Defaults.*use_pty/ s/.*/#&/g' -i /etc/sudoers /etc/sudoers.d/*
+echo "Defaults !use_pty" >> /etc/sudoers.d/enable_use_pty
diff --git a/shared/templates/sudo_defaults_option/oval.template b/shared/templates/sudo_defaults_option/oval.template
index a9636a7204a..25590d02703 100644
--- a/shared/templates/sudo_defaults_option/oval.template
+++ b/shared/templates/sudo_defaults_option/oval.template
@@ -13,7 +13,7 @@ ^/etc/sudoers(|\.d/.*)$ - ^[\s]*Defaults[\s]*\b{{{ OPTION_REGEX }}}.*$ + ^[\s]*Defaults[\s]*[^!]\b{{{ OPTION_REGEX }}}.*$ 1
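Review bot: The only negated case covered here is one where `Defaults !use_pty` is the sole `use_pty` entry, because the `sed` call comments out every existing `Defaults.*use_pty` line before the negated one is appended. A setup that keeps an enabled `Defaults use_pty` and adds the negated entry after it is not exercised, and that is the case where a check requiring at least one matching line would presumably still pass while sudo applies the later, negated setting. A second `.fail.sh` scenario that leaves the positive line in place would show whether the rule catches an override. The drop-in name `enable_use_pty` also reads backwards for a file that disables the option; `disable_use_pty` would be clearer in test logs.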
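Review bot: `[^!]` consumes one character instead of asserting that no `!` follows, so the new pattern guards only the single position directly before `\b{{{ OPTION_REGEX }}}`. On a plain `Defaults use_pty` line it matches only because `[\s]*` backtracks and `[^!]` takes the separating whitespace, and it accepts any other non-`!` character in that slot as well. What `OPTION_REGEX` expands to is not visible in this hunk; if it allows text before the option name, a negation later in a comma-separated list such as `Defaults env_reset,!use_pty` would presumably still match. A comment next to the pattern, for example `<!-- [^!] takes the separator before the option; an option prefixed with '!' is negated and must not match -->`, would record the intent. The enclosing object definition starts and ends outside the hunk.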