[Spacewalk-list] OpenSCAP Scans, anyone?

Simon Lukasik slukasik at redhat.com
Wed Aug 7 09:16:15 UTC 2013 

On 08/07/2013 10:31 AM, Stuart Green wrote:
> Good Morning Dimitri,
> 
> As promised, here's the rpm's with the fix :-)
> 
> * Thu Jul 25 2013 Simon Lukasik <slukasik at redhat.com> 0.0.19-1
> - Do not try to parse xccdf-report.html with SAX parser
> 
> http://koji.spacewalkproject.org/packages/spacewalk-oscap/0.0.19/1.el5/noarch/spacewalk-oscap-0.0.19-1.el5.noarch.rpm
> 
> 
> http://koji.spacewalkproject.org/packages/spacewalk-oscap/0.0.19/1.el6/noarch/spacewalk-oscap-0.0.19-1.el6.noarch.rpm
> 
> 
> Sorry can't help you on the other request, but I'm also interested myself!
> 
> On a Side note it might be worth you joining the SSG list
> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide as
> you might come across a few false results in the reports that have been
> already discussed and have bug's open.

Stuart,

This does not help, I believe. Dimitri has other issue.

> 
> Cheers,
> Stuart
> 
>> Thanks, Stu.  I'll look forward to you or Simon pointing me
>> in the right direction.  I'd really like to get the audit
>> working; it seems worthwhile.
>>
>> As I also mentioned finding the scap for CentOS5/RHEL5.  If
>> anyone has found or created this, I'd be grateful if you
>> could share it with me.
>>
>> Dimitri
>>
>>
>> On Tuesday 06 August 2013 5:07:20 pm Stuart Green wrote:
>>> Hi Dimitri
>>>
>>> There's a bug in the released version that I helped find.
>>>    Simon's sorted it,  you can find the fix in nightly
>>> spacewalk-oscap (version 19 from memory). on my phone
>>> currently  otherwise would provide direct link ;-)  if
>>> you're not sure where to look either myself or Simon will
>>> point you in the right direction in about 12 hours from
>>> now.
>>>
>>> Cheers,
>>> Stu
>>>
>>> On 6 Aug 2013 18:21, "Dimitri Yioulos"
>> <dyioulos at onpointfc.com> wrote:
>>>> Hi, List.
>>>>
>>>> I've been trying to use Audit/OpenSCAP Scans on my
>>>> Spacewalk 2.0.  I've installed the requisite packages
>>>> (I think on both Spacewalk host and target host.  If I
>>>> run:
>>>>
>>>> oscap xccdf eval --profile
>>>> test --results /var/www/html/results.xml --report
>>>> /var/www/html/report.html --cpe
>>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionar
>>>> y.xml
>>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
>>>>
>>>> directly on the remote host, I not only get a nice
>>>> report to stdout, but also a nice report in HTML.  But,
>>>> if I can't seem to get the audit set up to work from
>>>> Spacewalk.  Has anyone set this up that can show me the
>>>> way?
>>>>
>>>> Also, I was able to DL the xccdf.xml file for
>>>> CentOS6/RHEL6, but can't find one for CentOS5/RHEL5.
>>>> Has anyone found or created one that he/she is willing
>>>> to share?
>>>>
>>>> As always, appreciated.
>>>>
>>>> Dimitri
>>>>
>>>> -- 
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>

-- 
Simon Lukasik
Security Technologies

More information about the Spacewalk-list mailing list