[Open-scap] back port to rhel5.5?

Ted Toth txtoth at gmail.com
Sun Apr 17 16:47:27 UTC 2011


On Sun, Apr 17, 2011 at 12:22 PM, Steve Grubb <sgrubb at redhat.com> wrote:
> On Sunday, April 17, 2011 11:23:37 AM Ted Toth wrote:
>> > `oscap oval validate-xml usgcb-rhel5desktop-oval.xml` reports the
>> > same issues but it doesn't abend. Is this what you wanted to know?
>
> Yes, I think that is helpful. I guess we need to backtrack from there to see what
> version it's fixed.
>
>
>> > Regarding the RHEL patch content I'd need a matching xccdf file to be
>> > able to use this with openscap, right?
>
> No, I think you can run the OVAL content as is.
>
>> > As I type I'm running it through ovaldi that I built using the CLIP 5.4 stuff from
>> > Tresys but the customer and I would prefer an openscap solution.
>> > What's involved in supporting a new schema?
>
> Adding new probes and going over the whole specification to see what else has changed.
> I don't think we did the gap analysis just yet.
>
>
>> > I see the /usr/share/openscap/schemas/oval directory could I create a 5.8 using
>> > the Mitre xsd files?
>>
>> Do new probes for openscap need to be developed to support the
>> partition_* elements?
>
> Yes. That is part of the OVAL 5.8 work that should be starting in the coming weeks. We
> also need rpmverify and there is an selinux probe the content will need. But for your
> immediate problem, you can remove the partition test elements and this should work.
>
> -Steve
>

Yes, that's what I did. I also had to comment out:
oval:gov.nist.usgcb.rhel:def:144120
because it caused a validation error.

Then I ran:
oscap oval eval --result-file oval_result.xml usgcb-rhel5desktop-oval.xml
oscap oval generate report oval_result.xml > oval_results.html

Now I've got a sort of dumb question: what do the results mean,
i.e. true/false/error/unknown? And who picked green to be the default
'error' background on the html? ;)

Ted



