From jordancaraballo87 at gmail.com Sat Oct 6 21:53:42 2018
From: jordancaraballo87 at gmail.com (Jordan Caraballo)
Date: Sat, 6 Oct 2018 17:53:42 -0400
Subject: [scap-security-guide] Developing Content for SLES
Message-ID:

Hi folks,

Since we are looking to enhance the monitoring of our systems, I have
plans on enhancing and developing content for SLES 11/12 for the SCAP
Security Guide. While I know how to develop the content, I am not
entirely sure of where to find the guides for SLES to create the
specific profiles or add the rules.

Does anyone know where to find a guide for the specific checks that
require a SLES system to be compliant? Any ideas?

Thanks,

Jordan

From shawn at redhat.com Mon Oct 8 16:27:32 2018
From: shawn at redhat.com (Shawn Wells)
Date: Mon, 8 Oct 2018 12:27:32 -0400
Subject: [scap-security-guide] Developing Content for SLES
In-Reply-To:
References:
Message-ID:

On 10/6/18 5:53 PM, Jordan Caraballo wrote:
> Hi folks,
>
> Since we are looking to enhance the monitoring of our systems, I have
> plans on enhancing and developing content for SLES 11/12 for the SCAP
> Security Guide. While I know how to develop the content, I am not
> entirely sure of where to find the guides for SLES to create the
> specific profiles or add the rules.
>
> Does anyone know where to find a guide for the specific checks that
> require a SLES system to be compliant? Any ideas?

Welcome!

Currently there is content for OpenSuSE, SLE11, and SLE12. The SLE
content is currently a bit sparse, which means any contribution would
be especially impactful.

Years ago, when the content project enabled multiple Linux
distributions, we found that many configuration checks overlap between
distros. In cases of overlapping configuration guidance (e.g. same
process used to set something like a sysctl), the content was moved to
the linux_os/ directory:
https://github.com/ComplianceAsCode/content/tree/master/linux_os/guide

Shared supplementary content, like OVAL and remediation scripts, can be
found in shared/:
https://github.com/ComplianceAsCode/content/tree/master/shared

This means that:

- If there's an existing rule to enable in a SLE profile, the rule
  needs to be added to a SLE profile under
  https://github.com/ComplianceAsCode/content/tree/master/sle12/profiles
- If a new configuration check is specific to SLE, it should go under
  the SLE directory structure
- If a new configuration check is shared across multiple distros, it
  should fall under shared/

There's also a developer guide which may be helpful:
https://github.com/ComplianceAsCode/content/blob/master/docs/manual/developer_guide.adoc