On 11/20/13, 9:15 AM, Vratislav Podzimek wrote:
The project page of the OSCAP Anaconda Addon [1] now has a section about
testing with links to the custom Fedora 20 compose with the OSCAP
Anaconda Addon included and to some testing files.
[1]https://fedorahosted.org/oscap-anaconda-addon/
Suggestions, comments and bug reports welcome.
That page is fantastic. The instructions are incredibly simple -- this
should greatly increase testing done by users. Thank you!
Attempted to perform an install against Fedora 20 SSG content [1], which
lead to BZ 1032846 [2] that was generated from the installer. After
reviewing the BZ, it's clear my issue was that Anaconda expects a SCAP
Datastream and SSG content is expressed as a Benchmark.
1) When using SSG content for "fetch," an error was thrown regarding SSG
not being a datastream. After submitting the bugzilla the entire install
crashed/rebooted, instead of giving me the option to use another
datastream URL or continue without SCAP addon enabled. Is that expected
behavior?
2) Will Benchmark content be accepted in the future, or must content be
in datastream formats? If datastream, we're looking at a fundamental
change to how SSG content is expressed. That's not necessarily a bad
thing, just want to start the conversation and understand your direction :)
3) Nit pick. After fetching your datastream content [3] I was brought to
the "profile selection" screen where options included "testing profile"
and "testing profile2". My natural reaction was to double-click on the
profile names -- and after nothing happened -- I finally noticed the
"Select Profile" button. Would it be possible to edit the workflow so
that users could double click on the profile?
[1]
http://people.redhat.com/swells/scap-security-guide/Fedora/output/ssg-fedora-xccdf.xml
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1032846
[3] http://vpodzime.fedorapeople.org/oscap-anaconda-addon/testing_ds.xml
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
