[Spacewalk-list] OpenScap/SSG and CentOS
Waldirio Manhães Pinheiro
waldirio at gmail.com
Sun Nov 2 12:33:26 UTC 2014
Dear Uğur, good morning
Tnx for reply, I was in deep with the conf files and discovered a few hours
ago.
Bellow some command to change conf files and turn available to CentOS
[root at deskx content]# yum install scap-security-guide -y
[root at deskx content]# sed -i -e "s#<platform>Red Hat Enterprise Linux
6</platform>#<platform>CentOS 6</platform>##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
[root at deskx content]# sed -i -e
"s#cpe:/o:redhat:enterprise_linux:6#cpe:/o:centos:centos:6##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
[root at deskx content]# sed -i -e
"s#cpe:/o:redhat:enterprise_linux#cpe:/o:centos:centos##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
after this, just run the command, for example to server profile
[root at deskx content]# oscap xccdf eval --profile server ssg-rhel6-xccdf.xml
...
Title Mount Remote Filesystems with nosuid
Rule use_nosuid_option_on_nfs_mounts
Ident CCE-26972-0
Result pass
Title Require Client SMB Packet Signing, if using smbclient
Rule require_smb_client_signing
Ident CCE-26328-5
Result fail
Title Require Client SMB Packet Signing, if using mount.cifs
Rule require_smb_client_signing_mount.cifs
Ident CCE-26792-2
Result pass
[root at deskx content]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[root at deskx content]#
B'Regards
______________
Atenciosamente
Waldirio
msn: waldirio at gmail.com
Skype: waldirio
Site: www.waldirio.com.br
Blog: blog.waldirio.com.br
LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
PGP: www.waldirio.com.br/public.html
On Sun, Nov 2, 2014 at 9:12 AM, Uğur Engin <mail at ugurengin.com> wrote:
>
> Hello,
>
> Of course, you can use it properly.However you must be change some values
> in xml files where is stored in openscap directory.
>
> For example CNT6:
>
> Change these values "cpe:/o:redhat:enterprise_linux:6" to
> cpe:/o:centos:centos:6
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1085977
>
>
> On Sun, Nov 2, 2014 at 11:17 AM, Waldirio Manhães Pinheiro <
> waldirio at gmail.com> wrote:
>
>> Friends, good morning
>>
>> Is it possible use SSG with CentOS ?!, I've this environment with rhel
>> and works fine, although I would like to configure in CentOS.
>>
>> Thanks in advanced!
>>
>> ______________
>> Atenciosamente
>> Waldirio
>> msn: waldirio at gmail.com
>> Skype: waldirio
>> Site: www.waldirio.com.br
>> Blog: blog.waldirio.com.br
>> LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
>> PGP: www.waldirio.com.br/public.html
>>
>> _______________________________________________
>> Spacewalk-list mailing list
>> Spacewalk-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20141102/1d1d059b/attachment.htm>
More information about the Spacewalk-list
mailing list