[Spacewalk-list] OpenSCAP Scans, anyone?

Dimitri Yioulos dyioulos at onpointfc.com
Wed Aug 7 13:58:09 UTC 2013 

Good morning, Simon and Stu.

The RPM with the fix looks to have worked!  The test profile 
checks 11 rules, and 11 rules have a result of pass or fail 
in Spacewalk.  Many, many thanks.

Believe me, I don't want to sound anything less than 
grateful, but (of course) the report created by oscap from 
Spacewalk is pretty cursory.  It mainly shows the rule 
identifier and result.  I suppose one could run oscap at 
the command line of the target host to get greater detail.  
I've put up the report that oscap generates at the command 
line at www.onpointfc.com/report.html, and will leave it 
there for just a short time so that you can have a 
look-see.  Would be great if Spacewalk provided similar 
detail or, at least, provided a link to a generated html 
report like that I posted.  Just sayin'.

Dimitri


On Wednesday 07 August 2013 5:22:46 am Stuart Green wrote:
> Oh fair enough, I just thought he couldn't get it the
> report to come home into spacewalk when using the
> interface...  I guess we'll find out when he reply's :-)
>
> /You're probably right though!!/
>
> On 07/08/2013 10:16, Simon Lukasik wrote:
> > On 08/07/2013 10:31 AM, Stuart Green wrote:
> >> Good Morning Dimitri,
> >>
> >> As promised, here's the rpm's with the fix :-)
> >>
> >> * Thu Jul 25 2013 Simon Lukasik <slukasik at redhat.com>
> >> 0.0.19-1 - Do not try to parse xccdf-report.html with
> >> SAX parser
> >>
> >> http://koji.spacewalkproject.org/packages/spacewalk-os
> >>cap/0.0.19/1.el5/noarch/spacewalk-oscap-0.0.19-1.el5.no
> >>arch.rpm
> >>
> >>
> >> http://koji.spacewalkproject.org/packages/spacewalk-os
> >>cap/0.0.19/1.el6/noarch/spacewalk-oscap-0.0.19-1.el6.no
> >>arch.rpm
> >>
> >>
> >> Sorry can't help you on the other request, but I'm
> >> also interested myself!
> >>
> >> On a Side note it might be worth you joining the SSG
> >> list
> >> https://lists.fedorahosted.org/mailman/listinfo/scap-s
> >>ecurity-guide as you might come across a few false
> >> results in the reports that have been already
> >> discussed and have bug's open.
> >
> > Stuart,
> >
> > This does not help, I believe. Dimitri has other issue.
> >
> >> Cheers,
> >> Stuart
> >>
> >>> Thanks, Stu.  I'll look forward to you or Simon
> >>> pointing me in the right direction.  I'd really like
> >>> to get the audit working; it seems worthwhile.
> >>>
> >>> As I also mentioned finding the scap for
> >>> CentOS5/RHEL5.  If anyone has found or created this,
> >>> I'd be grateful if you could share it with me.
> >>>
> >>> Dimitri
> >>>
> >>> On Tuesday 06 August 2013 5:07:20 pm Stuart Green 
wrote:
> >>>> Hi Dimitri
> >>>>
> >>>> There's a bug in the released version that I helped
> >>>> find. Simon's sorted it,  you can find the fix in
> >>>> nightly spacewalk-oscap (version 19 from memory). on
> >>>> my phone currently  otherwise would provide direct
> >>>> link ;-)  if you're not sure where to look either
> >>>> myself or Simon will point you in the right
> >>>> direction in about 12 hours from now.
> >>>>
> >>>> Cheers,
> >>>> Stu
> >>>>
> >>>> On 6 Aug 2013 18:21, "Dimitri Yioulos"
> >>>
> >>> <dyioulos at onpointfc.com> wrote:
> >>>>> Hi, List.
> >>>>>
> >>>>> I've been trying to use Audit/OpenSCAP Scans on my
> >>>>> Spacewalk 2.0.  I've installed the requisite
> >>>>> packages (I think on both Spacewalk host and target
> >>>>> host.  If I run:
> >>>>>
> >>>>> oscap xccdf eval --profile
> >>>>> test --results /var/www/html/results.xml --report
> >>>>> /var/www/html/report.html --cpe
> >>>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dicti
> >>>>>onar y.xml
> >>>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
> >>>>>
> >>>>> directly on the remote host, I not only get a nice
> >>>>> report to stdout, but also a nice report in HTML. 
> >>>>> But, if I can't seem to get the audit set up to
> >>>>> work from Spacewalk.  Has anyone set this up that
> >>>>> can show me the way?
> >>>>>
> >>>>> Also, I was able to DL the xccdf.xml file for
> >>>>> CentOS6/RHEL6, but can't find one for
> >>>>> CentOS5/RHEL5. Has anyone found or created one that
> >>>>> he/she is willing to share?
> >>>>>
> >>>>> As always, appreciated.
> >>>>>
> >>>>> Dimitri
> >>>>>
> >>>>> --
> >>>>> This message has been scanned for viruses and
> >>>>> dangerous content by MailScanner, and is
> >>>>> believed to be clean.



-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the Spacewalk-list mailing list