<html> <head> <meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"> </head> <body bgcolor="#FFFFFF" text="#000000"> <div class="moz-cite-prefix">On 3/3/14, 5:51 AM, Jan Lieskovsky wrote: </div> <blockquote cite="mid:1985521088.24344346.1393843915248.JavaMail.zimbra@redhat.com" type="cite"> <div class="moz-text-plain" wrap="true" graphical-quote="true" style="font-family: -moz-fixed; font-size: 12px;" lang="x-western"> <pre wrap="">Hello Vratislav, ----- Original Message ----- </pre> <blockquote type="cite" style="color: #000000;"> <pre wrap="">> From: "Lee Kinser" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:lkinser@redhat.com"><lkinser@redhat.com></a> > To: "SCAP Security Guide" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:scap-security-guide@lists.fedorahosted.org"><scap-security-guide@lists.fedorahosted.org></a> > Cc: "oscap-anaconda-addon" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:oscap-anaconda-addon@lists.fedorahosted.org"><oscap-anaconda-addon@lists.fedorahosted.org></a>, "open-scap-list" > <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:open-scap-list@redhat.com"><open-scap-list@redhat.com></a> > Sent: Wednesday, February 26, 2014 2:53:24 PM > Subject: Re: Ignoring SCAP content in the OAA > </pre> </blockquote> <pre wrap=""> to share my vote / opinion - I also like the second option (ON / OFF) more.</pre> </div> </blockquote> +1 <blockquote cite="mid:1985521088.24344346.1393843915248.JavaMail.zimbra@redhat.com" type="cite"> <div class="moz-text-plain" wrap="true" graphical-quote="true" style="font-family: -moz-fixed; font-size: 12px;" lang="x-western"> <blockquote type="cite" style="color: #000000;"> <pre wrap="">> Personally, I like the look of option 2, but would go with wording like > "Select Security Policy" and "Apply Security Policy". </pre> </blockquote> <pre wrap="">"Select Security Policy / Apply Security Policy" proposed by Lee look fine to me. Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team </pre> <blockquote type="cite" style="color: #000000;"> <pre wrap="">> Just my .02. > > > -- > Lee Kinser > Solutions Architect > Navy & Marine Corps > Red Hat Federal > 843-868-1024 (Mobile) > <a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:lkinser@redhat.com">lkinser@redhat.com</a> > > > ----- Original Message ----- </pre> <blockquote type="cite" style="color: #000000;"> <pre wrap="">> > From: "Vratislav Podzimek" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:vpodzime@redhat.com"><vpodzime@redhat.com></a> > > To: "oscap-anaconda-addon" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:oscap-anaconda-addon@lists.fedorahosted.org"><oscap-anaconda-addon@lists.fedorahosted.org></a> > > Cc: "scap-security-guide" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:scap-security-guide@lists.fedorahosted.org"><scap-security-guide@lists.fedorahosted.org></a>, > > "open-scap-list" <a moz-do-not-send="true" class="moz-txt-link-rfc2396E" href="mailto:open-scap-list@redhat.com"><open-scap-list@redhat.com></a> > > Sent: Wednesday, February 26, 2014 4:07:02 AM > > Subject: Ignoring SCAP content in the OAA > > > > Hello everybody, > > I'd like to ask you for a favour. In the development cycle of the > > release 0.5 of the OSCAP Anaconda Addon, I've added an autodetection of > > the SCAP Security Guide content which means that if the > > scap-security-guide package is installed in the compose and no other > > content is specified in the kickstart file, the addon automatically > > loads SSG content. I believe this brings us a big improvement in UX for > > testing and finally moves us closer to including the OAA+SSG in the > > default composes for next Fedora (and others) release. > > However, this also brings the need to allow user changing the content > > used by the addon (to switch from autodetected SSG to some different > > content) and "not applying" content to the system (to easily turn of the > > functionality once it gets included in the default composes). Turns out > > it's quite hard to come up with the right widgets and proper labels > > (wording) that would explain user what's going on. > > The two mockup suggestions I've made so far are: > > 1. <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://vpodzime.fedorapeople.org/OAA_control_buttons.png">http://vpodzime.fedorapeople.org/OAA_control_buttons.png</a> > > 2. <a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://vpodzime.fedorapeople.org/OAA_control_buttons2.png">http://vpodzime.fedorapeople.org/OAA_control_buttons2.png</a> > > > > The 1. uses a GtkToggleButton that can be pushed down and stays in that > > state and I think it should have some better wording catching the > > process -- something like "Applying security rules"/"Ignoring security > > rules" -- that would change when the button is toggled. > > > > The 2. uses a switch which relies on the related label next to it and > > again even in this case, the right wording of the label is the key, I > > think. What about "Apply security rules"? > > > > Please keep in mind the fact, that we would like this screen to be shown > > even to unexperienced users who have no idea about SCAP and the special > > terms/keywords it uses. We don't want to confuse users and we want to > > give them an easy way to opt out. > > > > Any suggestions welcome! I'd like to release OAA 0.5 by the end of this > > week, so it will come with the best layout and wording we will be able > > to come up till that time.</pre> </blockquote> </blockquote> </div> </blockquote> In regards to content autodetection, IIRC, Grubb wanted content to be placed into /usr/share/xml/scap/. Are you hard coding /usr/share/xml/scap/ssg/content, or recursively searching through /usr/share/xml/scap/? Would be great to recursively search /usr/share/xml/scap/{content provider}, which would reenforce to content developers to properly place their files (or atleast symlinks) on the system. </body> </html>