[Open-scap] Issues with open-scap 0.9.1 and 0.9.2 on RHEL6 (UNCLASSIFIED)
Simon Lukasik
slukasik at redhat.com
Tue Nov 20 19:42:42 UTC 2012
On 11/20/2012 07:20 PM, Shawn Wells wrote:
> Question: In the 0.9.2 release note [1] it was mentioned that the --cpe
> option autodetects what CPE dictionary to use. I haven't been able to
> explore the 0.9.2 release yet, however will that solve this issue?
> Specifically since the SSG content follows a standard ssg-rhel6-{xccdf
> cpe oval}.xml naming scheme will OpenSCAP 0.9.2 pickup the CPE file?
>
No, I am afraid.
Autodect means that oscap tool (automatically) recognize version of
given dictionary (the --cpe argument). In some of the previous versions
you have had to use different arguments for different CPE versions.
And regarding filenames you've mentioned: .*-{xccdf,cpe,oval}.xml -- is
this really a standard file-naming scheme or is it just commonly used?
Currently, there is no consensus amongst developers whether the oscap
command-line tool shall try to guess filenames or not. And I believe it
should not.
Although, patches are always welcome. :)
--
Simon Lukasik
Security Technologies
More information about the Open-scap-list
mailing list