Hi, You're correct it's missing CPE dictionary and CPE OVAL. The files are located here: https://github.com/OpenSCAP/openscap/blob/maint-1.2/cpe/openscap-cpe-dict.xml https://github.com/OpenSCAP/openscap/blob/maint-1.2/cpe/openscap-cpe-oval.xml They're list of platform definitions based on which the platform applicability of SCAP content is determined. OpenSCAP expect them to be present in '/usr/share/openscap/cpe/'
I'm not an Ubuntu user, so I'm only guessing, but I think that downloading these files and saving them to '/usr/share/openscap/cpe/' should help. This is probably a bug in Ubuntu packaging, because it seems Ubuntu doesn't ship these files in its packages, but they are required by OpenSCAP to work correctly. You can try to file a bug report on Ubuntu. Regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "Todd Williams" <tod...@us.ibm.com> > To: "Jan Cerny" <jce...@redhat.com> > Sent: Friday, February 1, 2019 4:35:50 PM > Subject: Re: [Open-scap] Ubuntu Security Guide content > > > Hi Jan, > > So I was able to use ssg-ubuntu1804-ds.xml in scap-workbench on Ubuntu > 18.4, and I got this error when I ran the scan > > > 14:27:38 > info > SCAP Workbench 1.1.5, compiled with Qt 4.8.7, using OpenSCAP 1.2.15 > > > 14:28:16 > info > Opened file '/root/scap-security-guide-0.1.42/ssg-ubuntu1804-ds.xml'. > > > 14:28:25 > info > Querying capabilities... > > > 14:28:25 > info > Creating temporary files... > > > 14:28:25 > info > Starting the oscap process... > > > 14:28:25 > info > Processing... > > > 14:28:30 > error > The 'oscap' process has written the following content to stderr: OpenSCAP > Error: Unable to open file: > '/usr/share/openscap/cpe/openscap-cpe-dict.xml' > [../../../src/source/oscap_source.c:284] > > > > 14:28:30 > error > The 'oscap' process has written the following content to stderr: Failed to > add default CPE to newly created CPE Session. > [../../../src/CPE/cpe_session.c:58] > > > 14:28:30 > info > The oscap tool has finished. Reading results... > > > 14:28:30 > info > Processing has been finished! > > > 14:28:58 > info > Querying capabilities... > > > 14:28:58 > info > Creating temporary files... > > > 14:28:58 > info > Starting the oscap process... > > > 14:28:58 > info > Processing... > > > 14:29:00 > error > The 'oscap' process has written the following content to stderr: OpenSCAP > Error: Unable to open file: > '/usr/share/openscap/cpe/openscap-cpe-dict.xml' > [../../../src/source/oscap_source.c:284] > > > > 14:29:00 > error > The 'oscap' process has written the following content to stderr: Failed to > add default CPE to newly created CPE Session. > [../../../src/CPE/cpe_session.c:58] > > > 14:29:00 > info > The oscap tool has finished. Reading results... > > > 14:29:00 > info > Processing has been finished! > > > So I went to /usr/share/openscap/cpe and the only file there is the README, > so I read it and it pointed me to https://nvd.nist.gov/Products/CPE. I > found these files there: > official-cpe-dictionary_v2.3.xml.gz > official-cpe-dictionary_v2.2.xml.gz > Can I rename and use 1 of these? > > I have it setup and running on RHEL 7.6 and when I look at that dir on that > system it has 2 files, can I use them? > openscap-cpe-dict.xml > openscap-cpe-oval.xml > > > BTW, the setup for RHEL goes much smoother than Ubuntu.. > > > > > Thanks, > Todd M. Williams > Unix System Admin, devIT-US, > AIX/Linux/CC/CQ/SPoRT/DB2 > Phone: 772-257-5706 | Mobile: 772-925-2042 > E-Mail: tod...@us.ibm.com > devIT > > > > > > > > From: Jan Cerny <jce...@redhat.com> > To: Todd Williams <tod...@us.ibm.com> > Cc: open-scap-list@redhat.com > Date: 01/31/2019 03:57 AM > Subject: Re: [Open-scap] Ubuntu Security Guide content > > > > Hi Todd, > > The security content is provided by "ComplianceAsCode" project, which was > up until recently known as "SCAP Security Guide" or "SSG". > See > https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ComplianceAsCode_content&d=DwIFaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=4BwPnN3sPgNQjvaJ-rrOQD9wYgWK1vlNlqk921f9rTw&m=barf9ggX12ptwUtL39Zr4DrVw-plD8VA-rt4jH2TyNY&s=vNHYFU2k7A2CSeZR_c_PoqpDjWzZyFy8U9Hlze2Zwis&e= > > > The security content is packaged in Ubuntu since Ubuntu 18.04 (Bionic > Beaver). > The packages are: ssg-base, ssg-debderived, ssg-debian, ssg-nondebian, > ssg-applications. > > However, the packages contain outdated versions of upstream content, and > AFAIK > the content in the packages is applicable to Ubuntu 16.04 an 14.04. That is > kind of useless on 18.04 :) > > Therefore, I suggest downloading the latest upstream release from GitHub: > https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_ComplianceAsCode_content_releases_download_v0.1.42_scap-2Dsecurity-2Dguide-2D0.1.42.zip&d=DwIFaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=4BwPnN3sPgNQjvaJ-rrOQD9wYgWK1vlNlqk921f9rTw&m=barf9ggX12ptwUtL39Zr4DrVw-plD8VA-rt4jH2TyNY&s=GptJ9IxTd3-Np6P-SIHAUZuzbMwBN7Wb8PtIx3KameE&e= > > Extract the archive and then open ssg-ubuntu1804-ds.xml in SCAP Workbench. > > Thank you very much for reminding us about the outdated web site. I will > try > to update the web soon. > > Best Regards > > Jan Černý > Security Technologies | Red Hat, Inc. > > > > ----- Original Message ----- > > From: "Todd Williams" <tod...@us.ibm.com> > > To: open-scap-list@redhat.com > > Sent: Wednesday, January 30, 2019 6:58:40 PM > > Subject: [Open-scap] Ubuntu Security Guide content > > > > > > > > Hello, > > > > I am new to SCAP and have been tasked with setting it up on a Ubuntu test > > system. It is running Ubuntu 18.04.1 LTS. I have these 2 packages > installed: > > > > libopenscap8/bionic,now 1.2.15-1build1 amd64 [installed] > > scap-workbench/bionic,now 1.1.5-1 amd64 [installed] > > > > I can bring up the GUI for the workbench, but with no security content I > am > > stuck as far as being able to run a scan and/or editing the security > > requirements. According to the web site there is no security guide for > > Ubuntu. > > > > > > > > But I have been told that there is a package for Ubuntu out there, > "apt-get > > list" did not return anything, can someone tell if there is or not? > > > > > > > > Thanks, > > Todd M. Williams > > Unix System Admin, devIT-US, AIX/Linux/CC/CQ/SPoRT/DB2 > > Phone: 772-257-5706 | Mobile: 772-925-2042 > > E-Mail: tod...@us.ibm.com > > devIT > > > > > > _______________________________________________ > > Open-scap-list mailing list > > Open-scap-list@redhat.com > > > https://urldefense.proofpoint.com/v2/url?u=https-3A__www.redhat.com_mailman_listinfo_open-2Dscap-2Dlist&d=DwIFaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=4BwPnN3sPgNQjvaJ-rrOQD9wYgWK1vlNlqk921f9rTw&m=barf9ggX12ptwUtL39Zr4DrVw-plD8VA-rt4jH2TyNY&s=kdZJkE-OdFBK63L1uDxwv2iEG2aif_xR_Ad9o_xmqhQ&e= > > > > > _______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list
