[Spacewalk-list] OpenSCAP Scans, anyone?
Dimitri Yioulos
dyioulos at onpointfc.com
Wed Aug 7 13:58:09 UTC 2013
Good morning, Simon and Stu.
The RPM with the fix looks to have worked! The test profile
checks 11 rules, and 11 rules have a result of pass or fail
in Spacewalk. Many, many thanks.
Believe me, I don't want to sound anything less than
grateful, but (of course) the report created by oscap from
Spacewalk is pretty cursory. It mainly shows the rule
identifier and result. I suppose one could run oscap at
the command line of the target host to get greater detail.
I've put up the report that oscap generates at the command
line at www.onpointfc.com/report.html, and will leave it
there for just a short time so that you can have a
look-see. Would be great if Spacewalk provided similar
detail or, at least, provided a link to a generated html
report like that I posted. Just sayin'.
Dimitri
On Wednesday 07 August 2013 5:22:46 am Stuart Green wrote:
> Oh fair enough, I just thought he couldn't get it the
> report to come home into spacewalk when using the
> interface... I guess we'll find out when he reply's :-)
>
> /You're probably right though!!/
>
> On 07/08/2013 10:16, Simon Lukasik wrote:
> > On 08/07/2013 10:31 AM, Stuart Green wrote:
> >> Good Morning Dimitri,
> >>
> >> As promised, here's the rpm's with the fix :-)
> >>
> >> * Thu Jul 25 2013 Simon Lukasik <slukasik at redhat.com>
> >> 0.0.19-1 - Do not try to parse xccdf-report.html with
> >> SAX parser
> >>
> >> http://koji.spacewalkproject.org/packages/spacewalk-os
> >>cap/0.0.19/1.el5/noarch/spacewalk-oscap-0.0.19-1.el5.no
> >>arch.rpm
> >>
> >>
> >> http://koji.spacewalkproject.org/packages/spacewalk-os
> >>cap/0.0.19/1.el6/noarch/spacewalk-oscap-0.0.19-1.el6.no
> >>arch.rpm
> >>
> >>
> >> Sorry can't help you on the other request, but I'm
> >> also interested myself!
> >>
> >> On a Side note it might be worth you joining the SSG
> >> list
> >> https://lists.fedorahosted.org/mailman/listinfo/scap-s
> >>ecurity-guide as you might come across a few false
> >> results in the reports that have been already
> >> discussed and have bug's open.
> >
> > Stuart,
> >
> > This does not help, I believe. Dimitri has other issue.
> >
> >> Cheers,
> >> Stuart
> >>
> >>> Thanks, Stu. I'll look forward to you or Simon
> >>> pointing me in the right direction. I'd really like
> >>> to get the audit working; it seems worthwhile.
> >>>
> >>> As I also mentioned finding the scap for
> >>> CentOS5/RHEL5. If anyone has found or created this,
> >>> I'd be grateful if you could share it with me.
> >>>
> >>> Dimitri
> >>>
> >>> On Tuesday 06 August 2013 5:07:20 pm Stuart Green
wrote:
> >>>> Hi Dimitri
> >>>>
> >>>> There's a bug in the released version that I helped
> >>>> find. Simon's sorted it, you can find the fix in
> >>>> nightly spacewalk-oscap (version 19 from memory). on
> >>>> my phone currently otherwise would provide direct
> >>>> link ;-) if you're not sure where to look either
> >>>> myself or Simon will point you in the right
> >>>> direction in about 12 hours from now.
> >>>>
> >>>> Cheers,
> >>>> Stu
> >>>>
> >>>> On 6 Aug 2013 18:21, "Dimitri Yioulos"
> >>>
> >>> <dyioulos at onpointfc.com> wrote:
> >>>>> Hi, List.
> >>>>>
> >>>>> I've been trying to use Audit/OpenSCAP Scans on my
> >>>>> Spacewalk 2.0. I've installed the requisite
> >>>>> packages (I think on both Spacewalk host and target
> >>>>> host. If I run:
> >>>>>
> >>>>> oscap xccdf eval --profile
> >>>>> test --results /var/www/html/results.xml --report
> >>>>> /var/www/html/report.html --cpe
> >>>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dicti
> >>>>>onar y.xml
> >>>>> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
> >>>>>
> >>>>> directly on the remote host, I not only get a nice
> >>>>> report to stdout, but also a nice report in HTML.
> >>>>> But, if I can't seem to get the audit set up to
> >>>>> work from Spacewalk. Has anyone set this up that
> >>>>> can show me the way?
> >>>>>
> >>>>> Also, I was able to DL the xccdf.xml file for
> >>>>> CentOS6/RHEL6, but can't find one for
> >>>>> CentOS5/RHEL5. Has anyone found or created one that
> >>>>> he/she is willing to share?
> >>>>>
> >>>>> As always, appreciated.
> >>>>>
> >>>>> Dimitri
> >>>>>
> >>>>> --
> >>>>> This message has been scanned for viruses and
> >>>>> dangerous content by MailScanner, and is
> >>>>> believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the Spacewalk-list
mailing list