[Open-scap] <TestResult> lacking <result>s
Shawn Wells
shawn at redhat.com
Wed Nov 28 02:04:45 UTC 2012
On 11/27/12 8:30 PM, Shawn Wells wrote:
> On 11/27/12 10:51 AM, Gary Gapinski wrote:
>> I'm trying to test open-scap and scap-security-guide with the latest
>> content from git, and am steadfastly getting void eval results.
>>
>> As in
>>
>> oscap xccdf eval --profile common --oval-results --results /tmp/results-test.xml output/ssg-rhel6-xccdf.xml
>>
>
>
> Try with CPE. Just rebased my local git tree of the SSG, seems to run
> OK for both stig-server and common profiles when using
> openscap-utils-0.9.2-1.el6.x86_64. Note that many SSG OVAL checks are
> a work in progress.
>
> oscap xccdf eval --profile stig-server --cpe-dict
> RHEL6/output/ssg-rhel6-cpe-dictionary.xml
> RHEL6/output/ssg-rhel6-xccdf.xml
> ......
> Title Ensure All Files Are Owned by a Group
> Rule no_files_unowned_by_group
> Ident CCE-3573-3
> Result pass
>
> Title Disable Core Dumps for All Users
> Rule disable_users_coredumps
> Ident CCE-4225-9
> Result fail
>
>
> oscap xccdf eval --profile common --cpe-dict
> RHEL6/output/ssg-rhel6-cpe-dictionary.xml RHEL6/output/ssg-rhel6-xccdf.xml
> ........
> Title Mount Remote Filesystems with nodev
> Rule use_nodev_option_on_nfs_mounts
> Ident CCE-4368-7
> Result pass
>
> Title Mount Remote Filesystems with nosuid
> Rule use_nosuid_option_on_nfs_mounts
> Ident CCE-4024-6
> Result pass
Whoops, looks like --cpe-dict has been deprecated. Use --cpe.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20121127/87c96817/attachment.htm>
More information about the Open-scap-list
mailing list