[Spacewalk-list] OpenScap/SSG and CentOS

Waldirio Manhães Pinheiro waldirio at gmail.com
Sun Nov 2 12:33:26 UTC 2014 

Dear Uğur, good morning

Tnx for reply, I was in deep with the conf files and discovered a few hours
ago.

Bellow some command to change conf files and turn available to CentOS

[root at deskx content]# yum install scap-security-guide -y

[root at deskx content]# sed -i -e "s#<platform>Red Hat Enterprise Linux
6</platform>#<platform>CentOS 6</platform>##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
[root at deskx content]# sed -i -e
"s#cpe:/o:redhat:enterprise_linux:6#cpe:/o:centos:centos:6##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml
[root at deskx content]# sed -i -e
"s#cpe:/o:redhat:enterprise_linux#cpe:/o:centos:centos##g"
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml

after this, just run the command, for example to server profile

[root at deskx content]# oscap xccdf eval --profile server ssg-rhel6-xccdf.xml
...
Title   Mount Remote Filesystems with nosuid
Rule    use_nosuid_option_on_nfs_mounts
Ident   CCE-26972-0
Result  pass

Title   Require Client SMB Packet Signing, if using smbclient
Rule    require_smb_client_signing
Ident   CCE-26328-5
Result  fail

Title   Require Client SMB Packet Signing, if using mount.cifs
Rule    require_smb_client_signing_mount.cifs
Ident   CCE-26792-2
Result  pass

[root at deskx content]# cat /etc/redhat-release
CentOS release 6.5 (Final)
[root at deskx content]#

B'Regards

______________
Atenciosamente
Waldirio
msn: waldirio at gmail.com
Skype: waldirio
Site: www.waldirio.com.br
Blog: blog.waldirio.com.br
LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
PGP: www.waldirio.com.br/public.html

On Sun, Nov 2, 2014 at 9:12 AM, Uğur Engin <mail at ugurengin.com> wrote:

>
> Hello,
>
> Of course, you can use it properly.However you must be change some values
> in xml files where is stored in openscap directory.
>
> For example CNT6:
>
> Change these values "cpe:/o:redhat:enterprise_linux:6" to
> cpe:/o:centos:centos:6
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1085977
>
>
> On Sun, Nov 2, 2014 at 11:17 AM, Waldirio Manhães Pinheiro <
> waldirio at gmail.com> wrote:
>
>> Friends, good morning
>>
>> Is it possible use SSG with CentOS ?!, I've this environment with rhel
>> and works fine, although I would like to configure in CentOS.
>>
>> Thanks in advanced!
>>
>> ______________
>> Atenciosamente
>> Waldirio
>> msn: waldirio at gmail.com
>> Skype: waldirio
>> Site: www.waldirio.com.br
>> Blog: blog.waldirio.com.br
>> LinkedIn: http://br.linkedin.com/pub/waldirio-pinheiro/22/b21/646
>> PGP: www.waldirio.com.br/public.html
>>
>> _______________________________________________
>> Spacewalk-list mailing list
>> Spacewalk-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/spacewalk-list
>>
>
>
> _______________________________________________
> Spacewalk-list mailing list
> Spacewalk-list at redhat.com
> https://www.redhat.com/mailman/listinfo/spacewalk-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20141102/1d1d059b/attachment.htm>

More information about the Spacewalk-list mailing list