[Open-scap] new to oscap. Question about oscap results
wm-lists
wm-lists at nixpeeps.com
Mon Oct 22 16:36:05 UTC 2012
I'm using the openscap rpm's from Red Hat (via RHN)
# rpm -q openscap
openscap-0.8.0-2.el6.x86_64
# oscap --version | head -n 1
OSCAP util (oscap) 0.8.0
As far as the content goes, that is the content I downloaded via git this
morning.
I can reproduce the "null"'s pretty much everytime.
On Mon, Oct 22, 2012 at 11:52 AM, Simon Lukasik <slukasik at redhat.com> wrote:
> On 10/22/2012 04:49 PM, wm-lists wrote:
> > I have downloaded the latest oscap files via git, and executed a profile
> > on a RHEL6 box using the content, but my results seem to be full of
> > *null* and maybe one or two *pass*.
> >
>
> That's definitely not expected. We've looked into this, but we are
> failing to reproduce the issue.
>
> Sometimes people happen to mix locally built oscap tool with globally
> installed library. Can you please verify that the following versions do
> matches for You:
>
> $ rpm -q openscap
>
> $ oscap --version | head -n 1
>
> Also, are You able to reproduce this issues with package installed by
> rpm? You can use rpm packages either
> - from your provider
> - our today's unofficial build at
> http://repos.fedorapeople.org/repos/gitopenscap/openscap/epel-6/
>
> > Am I missing a step here? any guidance would be greatly appreciated.
> > I'm looking at integrating this with my employers Satellite
> > installation and am very interested in the security implications of this.
> >
>
> Great, good luck!
>
> I wonder, if you really need latest openscap for this? Isn't the
> official build of openscap from Your provider good enough?
>
> > Thanks!
> > Will
> >
> > #oscap xccdf eval --profile server dist/content/ssg-rhel6-xccdf.xml
> >
> > Rule ID: partition_for_tmp
> > Title: Ensure /tmp Located On Separate Partition
> > Result: (null)
> >
> > Rule ID: partition_for_var
> > Title: Ensure /var Located On Separate Partition
> > Result: (null)
> >
> > Rule ID: partition_for_var_log
> > Title: Ensure /var/log Located On Separate Partition
> > Result: (null)
> >
> > Rule ID: partition_for_var_log_audit
> > Title: Ensure /var/log/audit Located On Separate Partition
> > Result: (null)
> >
> > Rule ID: partition_for_home
> > Title: Ensure /home Located On Separate Partition
> > Result: (null)
> >
> > Rule ID: ensure_redhat_gpgkey_installed
> > Title: Ensure Red Hat GPG Key Installed
> > Result: (null)
> >
> > Rule ID: service_rhnsd_disabled
> > Title: Disable Red Hat Network Service (rhnsd)
> > Result: (null)
> >
> > Rule ID: security_patches_up_to_date
> > Title: Ensure Software Patches Installed
> > Result: (null)
> >
> > Rule ID: ensure_gpgcheck_globally_activated
> > Title: Ensure gpgcheck Enabled In Main Yum Configuration
> > Result: (null)
> >
> > Rule ID: ensure_gpgcheck_never_disabled
> > Title: Ensure gpgcheck Enabled For All Yum Package Repositories
> > Result: (null)
> >
> >
> >
> > _______________________________________________
> > Open-scap-list mailing list
> > Open-scap-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/open-scap-list
>
>
> --
> Simon Lukasik
> Security Technologies
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20121022/225fa5f7/attachment.htm>
More information about the Open-scap-list
mailing list