[Spacewalk-list] OpenSCAP XML's

Waldirio Manhães Pinheiro waldirio at gmail.com
Tue Jan 27 12:12:25 UTC 2015 

Hello Erik, good morning

You can do the steps bellow

yum install spacewalk-oscap -y
yum install scap-security-guide -y

after install the security-guide package, you can check files in your
/usr/share/xml/scap/ssg/content directory.

Are you using in RHEL or CentOS Systems !?!

If you are using RHEL 6, the files used will be as bellow

/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
/usr/share/xml/scap/ssg/content/ssg-rhel6-ds.xml
/usr/share/xml/scap/ssg/content/ssg-rhel6-oval.xml
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml

To check what profile you have available, execute the command bellow:

oscap info ssg-rhel6-xccdf.xml

and to test, execute command bellow

oscap info ssg-rhel6-xccdf.xml

If you are running in CentOS 6, you need change some parameters

sed -i -e "s#<platform>Red Hat Enterprise Linux
6</platform>#<platform>CentOS 6</platform>##g"
/usr/share/xml/scap/ssg/content/ssgrhel6-cpe-oval.xml
sed -i -e "s#cpe:/o:redhat:enterprise_linux:6#cpe:/o:centos:centos:6##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
sed -i -e "s#cpe:/o:redhat:enterprise_linux#cpe:/o:centos:centos##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml

After these changes, will work fine in CentOS.

Let me know if you have any question!

Take Care


______________
Atenciosamente
Waldirio
msn: waldirio at gmail.com
Skype: waldirio
Site: www.waldirio.com.br
Blog: blog.waldirio.com.br
LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
PGP: www.waldirio.com.br/public.html

On Mon, Jan 26, 2015 at 11:46 PM, Erik Johnson <erikj at gwu.edu> wrote:

> Hi,
> Can anyone point me in the direction of an openscap library of sorts? I
> have tried the STIGS from US DOD, but all the checks simply state
> 'notchecked'. The spacewalk web interface says the default command is oscap
> xccdf eval, and I cannot seem to change that to use oval files instead.
>
> Anyone have any experience using the audit function with public xccdf
> definitions? Thank you.
> -
> Erik E. Johnson
> Division of Information Technology
> The George Washington University
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20150127/0745dcd7/attachment.htm>

More information about the Spacewalk-list mailing list