I just downloaded the RHEL7 SCAP content and was 'playing' with it on a CentOS
6 system. I found that in order to make the checks run I needed to add
'cpe:/o:centos:centos:6' in a <platform> tag near the beginning of the XCCDF
component. I found this, in part, from various posts on the interwebs. I'm
really curious how this validation occurs and where the information comes from
on the target OS. Can anyone give me insight to this issue?
Thanks,
-Les
--
SCAP Security Guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
