Using RHEL 5.11 Built openscap-1.1.1 xccdf.xml source from Downloaded "Red Hat 5 Manual STIG - Version 1, Release 8" from http://iase.disa.mil/stigs/os/unix-linux/Pages/red-hat.aspx
That contains the U_RedHat_5_V1R8_Manual-xccdf.xml file. I just tried running it, and all results show "notapplicable" Looking through the docs, it does seem to point out, and google seems to also point out that I need to be running on the right platform. It seems I am. This is truly a Redhat 5 workstation(or server), not CentOS. My command looks like this oscap xccdf eval --profile MAC-1_Public --results result.xml U_RedHat_5_V1R8_Manual-xccdf.xml The zip file from iase website didn't contain a CPE file, so I assumed one was not needed? Though I have a feeling this is my problem. NOTE, that when I running I do see this message to stderr WARNING: Skipping ./oval.xml file which is referenced from XCCDF content Really hoping to get this working, this seems a great tool.
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
