{{%- set files = ["bash_logout", "bash_profile", "bashrc", "cshrc", "tcshrc", ] %}}

<def-group>
    <definition class="compliance" id="{{{ rule_id }}}" version="1">
        {{{ oval_metadata("Ensure that tmpfiles for rootfiles is configured correctly.", rule_title=rule_title) }}}
        <criteria operator="AND" comment="Ensure that tmpfiles for rootfiles is configured correctly.">
            {{%- for file in files %}}
            <criterion comment="Check that /root/.{{{ file }}} is configured correctly"
                       test_ref="test_{{{ rule_id }}}_{{{ file }}}"/>
            {{%- endfor %}}
        </criteria>
    </definition>
    {{%- for file in files %}}
        <ind:textfilecontent54_test check="all"
                                    comment="Tests that .{{{ file }}} is configured correctly."
                                    id="test_{{{ rule_id }}}_{{{ file }}}" version="1">

            <ind:object object_ref="obj_{{{ rule_id }}}_{{{ file }}}"/>
            <ind:state state_ref="state_{{{ rule_id }}}_{{{ file }}}"/>
        </ind:textfilecontent54_test>
        <ind:textfilecontent54_object id="obj_{{{ rule_id }}}_{{{ file }}}" version="1">
            <ind:path>/etc/tmpfiles.d/</ind:path>
            <ind:filename operation="pattern match">^.*\.conf$</ind:filename>
            <ind:pattern operation="pattern match">^C[[:blank:]]+\/root\/.{{{ file }}}[[:blank:]]+(\d{3})[[:blank:]]+root[[:blank:]]+root[[:blank:]]+-[[:blank:]]+\/usr\/share\/rootfiles/.{{{ file }}}$</ind:pattern>
            <ind:instance datatype="int">1</ind:instance>
        </ind:textfilecontent54_object>

        <ind:textfilecontent54_state id="state_{{{ rule_id }}}_{{{ file }}}" version="1">
            <ind:subexpression datatype="int" operation="equals">600</ind:subexpression>
        </ind:textfilecontent54_state>
    {{%- endfor %}}
</def-group>