<def-group>
  <definition class="compliance" id="OVALCHECKID" version="2">
    <metadata>
      <title>TITLE</title>
      <affected family="unix">
        <platform>multi_platform_rhel</platform>
      </affected>
      <description>DESCRIPTION</description>
    </metadata>
    <criteria operator="AND">
      <extend_definition comment="Get value of var_accounts_user_umask variable as octal number"
      definition_ref="USERUMASKVARIABLE_as_number" />
      <criterion test_ref="tst_OVALCHECKID" />
    </criteria>
  </definition>

  <ind:textfilecontent54_object id="obj_umask_fromFILEID"
  comment="Umask value from FILEPATH" version="1">
    <ind:filepath>FILEPATH</ind:filepath>
    <ind:pattern operation="pattern match">^[\s]*(?i)UMASK(?-i)[\s]+([^#\s]*)</ind:pattern>
    <ind:instance datatype="int" operation="greater than or equal">1</ind:instance>
  </ind:textfilecontent54_object>

  <local_variable id="var_first_digit_of_umask_fromFILEID"
  comment="First octal digit of umask from FILEPATH"
  datatype="int" version="1">
    <substring substring_start="1" substring_length="1">
      <object_component item_field="subexpression" object_ref="obj_umask_fromFILEID" />
    </substring>
  </local_variable>

  <local_variable id="var_second_digit_of_umask_fromFILEID"
  comment="Second octal digit of umask from FILEPATH"
  datatype="int" version="1">
    <substring substring_start="2" substring_length="1">
      <object_component item_field="subexpression" object_ref="obj_umask_fromFILEID" />
    </substring>
  </local_variable>

  <local_variable id="var_third_digit_of_umask_fromFILEID"
  comment="Third octal digit of umask from FILEPATH"
  datatype="int" version="1">
    <substring substring_start="3" substring_length="1">
      <object_component item_field="subexpression" object_ref="obj_umask_fromFILEID" />
    </substring>
  </local_variable>

  <local_variable id="varFILEID_umask_as_number"
  comment="FILEPATH umask converted from string to a number"
  datatype="int" version="1">
    <arithmetic arithmetic_operation="add">
      <arithmetic arithmetic_operation="multiply">
        <literal_component datatype="int">64</literal_component>
        <variable_component var_ref="var_first_digit_of_umask_fromFILEID" />
      </arithmetic>
      <arithmetic arithmetic_operation="multiply">
        <literal_component datatype="int">8</literal_component>
        <variable_component var_ref="var_second_digit_of_umask_fromFILEID" />
      </arithmetic>
      <variable_component var_ref="var_third_digit_of_umask_fromFILEID" />
    </arithmetic>
  </local_variable>

  <!-- The 'USERUMASKVARIABLE_umask_as_number' variable is created by evaluation of
       the referenced 'USERUMASKVARIABLE_as_number' OVAL definition -->
  <external_variable id="USERUMASKVARIABLE_umask_as_number"
  comment="Required umask converted from string to octal number"
  datatype="int" version="1"/>

  <ind:variable_test id="tst_OVALCHECKID" version="1" check="all"
  comment="Test the retrieved FILEPATH umask value(s) match the USERUMASKVARIABLE requirement">
    <ind:object object_ref="obj_OVALCHECKID" />
    <ind:state state_ref="ste_OVALCHECKID" />
  </ind:variable_test>

  <ind:variable_object id="obj_OVALCHECKID" version="1">
    <ind:var_ref>varFILEID_umask_as_number</ind:var_ref>
  </ind:variable_object>

  <ind:variable_state id="ste_OVALCHECKID" version="1">
    <ind:value datatype="int" operation="bitwise and" var_ref="USERUMASKVARIABLE_umask_as_number" />
  </ind:variable_state>

</def-group>
