[Open-scap] OpenSCAP RHEL 6.2 Documentation
Simon Lukasik
slukasik at redhat.com
Wed Nov 21 08:35:04 UTC 2012
On 11/21/2012 04:34 AM, Shawn Wells wrote:
> If you're after things which are 100% in RHEL, without using EPEL
> sources, the following should do the trick:
>
> Regardless, on a RHEL6 box:
> # yum install openscap-content openscap-utils
>
> The openscap-content package will deploy the following:
> # rpm -ql openscap-content
> /usr/share/openscap/scap-oval.xml
> /usr/share/openscap/scap-rhel6-oval.xml
> /usr/share/openscap/scap-rhel6-xccdf.xml
> /usr/share/openscap/scap-xccdf.xml
>
> To create a human readable guide of all this XML stuff:
> # oscap xccdf generate guide /usr/share/openscap/scap-xccdf.xml >
> /tmp/openscap-content.html
> $favoriteBrowser /tmp/openscap-content.html
>
> And then do a scan:
> # oscap xccdf eval --profile RHEL6-Default \
> --results /tmp/`hostname`-openscap-content-results.xml \
> --report /tmp/`hostname`-openscap-content-results.html \
> /usr/share/openscap/scap-xccdf.xml
>
Good. Except that I would prefer to use directory other than /tmp for
results. I suggest to create a subdirectory accessible only by a given user.
--
Simon Lukasik
Security Technologies
More information about the Open-scap-list
mailing list