Hello Ray, thank you for checking with us.
----- Original Message ----- > From: "Ray V CTR USARMY ARL Shaw (US)" <[email protected]> > To: [email protected] > Sent: Friday, May 9, 2014 3:28:18 PM > Subject: SCC (UNCLASSIFIED) > > Classification: UNCLASSIFIED > Caveats: NONE > > I remember that there were issues with the SSG content and RHEL6 (due to SCC > not supporting a sufficient version of...XCCDF? SCAP?). But previously, I > could still use SCC with the SSG content; it would just generate a few more > false positives than using OpenSCAP. Admittedly, it has been a while since > I tried. > > Now, when trying SCC 3.1.2, I can't make it run at all. After importing the > zip file (generated from git) and selecting the stig-rhel6-server-upstream > profile, a scan finishes almost immediately with: > > The SCAP content stream <ssg-rhel6-> is not applicable to this > platform per the CPE definitions > > I've tried on both RHEL6 Workstation and Server, and I've also tried > stripping the <platform> information from the XML files. > > I'm attempting this for two reasons, as otherwise I'm perfectly happy > scanning with OpenSCAP. SCC has the ability to run a check on a single rule > at a time, which is useful. Also, I have an inspection soon, and they may > want me to use it. Does SCC have a possibility to check just one OVAL definition? If so, could you try to run the SCC alternative to the following OpenSCAP command and let us know it's output:? # oscap oval eval --id oval:ssg:def:100 ssg-rhel6-oval.xml The oval:ssg:def:100 definition checks if the installed version of the OS is RHEL-6 (above evaluation returns true with OpenSCAP on RHEL-6). So wondering if the not applicable problem can't come from different evaluation of this rule. Also, have you tried to explicitly provide RHEL-6 CPE file (ssg-rhel6-cpe-dictionary.xml) to SCC? Still the same output? Thank you && Regards, Jan. -- Jan iankko Lieskovsky / Red Hat Security Technologies Team > > -- > Ray Shaw (Contractor, STG) > Army Research Laboratory > CIO, Unix Support > > > > Classification: UNCLASSIFIED > Caveats: NONE _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
