[Open-scap] Scanning Ubuntu / Debian servers with openscap

Dhanushka Parakrama parakrama1282 at gmail.com
Thu Aug 23 13:43:15 UTC 2018 

Hi Marek and All

Thanks for the input ,

I downloaded https://github.com/OpenSCAP/scap-security-guide/releases
 and  ran the scan on *Ubuntu 14.04.1 LTS *machine but got following error
in the output  , Is there any reason for that

*oscap-ssh --sudo  ubuntu at 192.168.58.16 <ubuntu at 192.168.58.16> 22 xccdf
eval --profile "xccdf_org.ssgproject.content_profile_standard"
 ssg-ubuntu1404-ds.xml*

Connecting to 'ubuntu at 192.168.58.16' on port '22'...
Connected!
Copying input file 'ssg-ubuntu1404-ds.xml' to remote working directory
'/tmp/tmp.gnlzPqb9fD'...
Starting the evaluation...
sudo: unable to resolve host openscap-client^M
OpenSCAP Error: File '/tmp/tmp.gnlzPqb9fD/input.xml' line 3197: Element '{
http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_test':
This element is not expected.^M
 [../../../src/XCCDF/xccdf_session.c:341]^M
File '/tmp/tmp.gnlzPqb9fD/input.xml' line 4154: Element '{
http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_object':
This element is not expected.^M
 [../../../src/XCCDF/xccdf_session.c:341]^M
File '/tmp/tmp.gnlzPqb9fD/input.xml' line 5349: Element '{
http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_state':
This element is not expected.^M
 [../../../src/XCCDF/xccdf_session.c:341]^M




On Wed, 22 Aug 2018 at 23:31, Marek Haicman <mhaicman at redhat.com> wrote:

> On 08/22/2018 07:37 PM, Dhanushka Parakrama wrote:
> > Hi Team
> >
> > I'm new to Openscap
> >
> > I able to scan my redhat and centos machines with Openscap  for
> >   compliance  .
> >
> > oscap xccdf eval --profile "usgcb-rhel6-server" --report
> > /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
> >
> > 1.  Is there any way to scan Ubuntu and Debian machine for certain
> > complicate ?
> > 2.  Are there any XCCDF files for ubunti and Debain ?
> >
> >
> > Thanks in Advance
> > Dhanushka
>
>
> Hello Dhanushka,
> if you take a look at our upstream github release page
> https://github.com/OpenSCAP/scap-security-guide/releases there is
> "scap-security-guide-0.1.40.zip" archive. This archive contains
> datastreams for all products we generate content for.
>
> Mind you, RHEL content is more complete than the rest, mostly because of
> Red Hat contributors.
>
> Hope it will help!
> Marek
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180823/370a11da/attachment.htm>

More information about the Open-scap-list mailing list