[Open-scap] oscap xccdf generate guide with different platform-rules
tmey at lisag.de
tmey at lisag.de
Tue Jun 2 12:35:28 UTC 2015
We have in our xccdf something like
<Rule id="grub_pw_2.1-rh6" >
<title>grub password</title>
<description> a very long description </description>
<platform idref="cpe:/o:redhat:enterprise_linux:6" />
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:ssg:def:453" href="ssg-rhel6-oval.xml" />
</check>
</Rule>
<Rule id="grub_pw_2.1-rh7" >
<title>grub password</title>
<description> a very long description </description>
<platform idref="cpe:/o:redhat:enterprise_linux:7" />
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:ssg:def:235" href="ssg-rhel7-oval.xml" />
</check>
</Rule>
Because there are different definitions in the Scap Security Guide for RHEL7 and there is no possibility to choose different checks inside the same rule, depending on platform.
Anyway:
If I'm generating the guide, I'll get the <description>, <fixtext> and so on for both rules.
Is there an option, to generate the guide only for the rules, applicaple to an specific platform?
Different Profile is no option, because we're working with very large benchmarks and using the profiles only für blacklistung for some very specific rules.
Thanks in advance
Tilo Mey
--
Linux Information Systems
LIS Stuttgart GmbH
Talstraße 41 70188 Stuttgart Germany
mobil +49-177-6493942 tel +49-711-6403961 fax +49-711-6403955
Geschäftsführer Tilo Mey
Amtsgericht Stuttgart, HRB 729287, Ust-IdNr DE264295269
Volksbank Stuttgart EG, BIC VOBADESS, IBAN DE75600901000340001003
More information about the Open-scap-list
mailing list