[Open-scap] How to list available SCAP profiles using oscap

[Sachin Vyas]

Hi Marek, 

Thank you for quick response. 

I want to use one particular profile, not all of them, and not "any" of them but I want to list all the available profiles available on machine and then select one of them, so was looking for a option. 
Using $ oscap info or $ oscap info --profiles gives error stating some-file.xml is required. As per oscap man page, info requires any-scap-file.xml but I was looking for option to list all the profiles without specifying the any-scap-file.xml file. 

Sachin


   On Friday, August 24, 2018, 9:58:57 PM GMT+5:30, Marek Haicman <mhaicman at redhat.com> wrote:  
 
 On 08/24/2018 06:06 PM, Sachin Vyas wrote:
 > Hi,
 >
 > Greetings.
 >
 > I need to perform OpenSCAP scan in an automated manner using command
 > line tool 'oscap' on a RHEL 6.5 machine but not able to find a way to
 > list all the available profiles ( installed by scap-security-guide rpm
 > package ). Is it possible to list all the available profiles on a RHEL
 > 6.5 machine using oscap or by constructing a os command so that I can
 > choose one of the available profiles and feed it into oscap and perform
 > the scan.
 >
 > Thanks
 > Hello Sachin,
I am slightly confused. I have just checked, and there is no 
scap-security-guide rpm for RHEL 6.5. Package was first shipped in 
RHEL6.6, and in RHEL6.5 there has been openscap-content rpm that had one 
profile only.

For the list of profiles, you can use `oscap info`, (in newest versions 
of openscap it's even more convenient `oscap info --profiles`. But 
anyway I would strongly suggest to not automate profile selection. What 
you want to use is one particular profile, not all of them, and not 
"any" of them. But maybe there is a use case - can you clarify why do 
you need to automate profile picking?

Marek
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20180824/2896ca82/attachment.htm>