[Spacewalk-list] OpenSCAP Scans, anyone?

Stuart Green stuart.green at doccentrics.com
Wed Aug 7 08:31:19 UTC 2013 

Good Morning Dimitri,

As promised, here's the rpm's with the fix :-)

* Thu Jul 25 2013 Simon Lukasik <slukasik at redhat.com> 0.0.19-1
- Do not try to parse xccdf-report.html with SAX parser

http://koji.spacewalkproject.org/packages/spacewalk-oscap/0.0.19/1.el5/noarch/spacewalk-oscap-0.0.19-1.el5.noarch.rpm

http://koji.spacewalkproject.org/packages/spacewalk-oscap/0.0.19/1.el6/noarch/spacewalk-oscap-0.0.19-1.el6.noarch.rpm

Sorry can't help you on the other request, but I'm also interested myself!

On a Side note it might be worth you joining the SSG list 
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide as 
you might come across a few false results in the reports that have been 
already discussed and have bug's open.

Cheers,
Stuart

> Thanks, Stu.  I'll look forward to you or Simon pointing me
> in the right direction.  I'd really like to get the audit
> working; it seems worthwhile.
>
> As I also mentioned finding the scap for CentOS5/RHEL5.  If
> anyone has found or created this, I'd be grateful if you
> could share it with me.
>
> Dimitri
>
>
> On Tuesday 06 August 2013 5:07:20 pm Stuart Green wrote:
>> Hi Dimitri
>>
>> There's a bug in the released version that I helped find.
>>    Simon's sorted it,  you can find the fix in nightly
>> spacewalk-oscap (version 19 from memory). on my phone
>> currently  otherwise would provide direct link ;-)  if
>> you're not sure where to look either myself or Simon will
>> point you in the right direction in about 12 hours from
>> now.
>>
>> Cheers,
>> Stu
>>
>> On 6 Aug 2013 18:21, "Dimitri Yioulos"
> <dyioulos at onpointfc.com> wrote:
>>> Hi, List.
>>>
>>> I've been trying to use Audit/OpenSCAP Scans on my
>>> Spacewalk 2.0.  I've installed the requisite packages
>>> (I think on both Spacewalk host and target host.  If I
>>> run:
>>>
>>> oscap xccdf eval --profile
>>> test --results /var/www/html/results.xml --report
>>> /var/www/html/report.html --cpe
>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionar
>>> y.xml
>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
>>>
>>> directly on the remote host, I not only get a nice
>>> report to stdout, but also a nice report in HTML.  But,
>>> if I can't seem to get the audit set up to work from
>>> Spacewalk.  Has anyone set this up that can show me the
>>> way?
>>>
>>> Also, I was able to DL the xccdf.xml file for
>>> CentOS6/RHEL6, but can't find one for CentOS5/RHEL5.
>>> Has anyone found or created one that he/she is willing
>>> to share?
>>>
>>> As always, appreciated.
>>>
>>> Dimitri
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>> _______________________________________________
>>> Spacewalk-list mailing list
>>> Spacewalk-list at redhat.com
>>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
>

More information about the Spacewalk-list mailing list