Hey Bond, As of SCAP Security Guide release 0.1.23, CentOS content is now available (any older version will require tweaking). See the announcement here: https://lists.fedorahosted.org/pipermail/scap-security-guide/2015-June/006462.html
You can download and build the SSG content from https://github.com/OpenSCAP/scap-security-guide When you run the XCCDF, you have to specify the CentOS XCCDF like below: # oscap xccdf eval --profile stig-rhel6-server-upstream \ --results /tmp/`hostname`-ssg-results.xml \ --report /tmp/`hostname`-ssg-results.html \ --cpe /usr/share/xml/scap/ssg/content/ssg-centos6-cpe-dictionary.xml \ /usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml Please note that I believe that ssg-centos6-cpe-dictionary.xml is not being built with SSG. OpenSCAP is here: https://github.com/openscap/openscap and the announcement here: So I believe all that needs to be done is: # oscap xccdf eval --profile stig-rhel6-server-upstream \ --results /tmp/`hostname`-ssg-results.xml \ --report /tmp/`hostname`-ssg-results.html \ /usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml Thanks, Gabe <https://lists.fedorahosted.org/pipermail/scap-security-guide/2015-June/006462.html> On Tue, Jun 30, 2015 at 3:56 PM, Bond Masuda <[email protected]> wrote: > Hello, > > Is there a guide on how to use the RHEL SCAP content for CentOS? When I > try to use it, I get a lot of "Result: notapplicable". What needs to be > done? > > I'm using it with OpenSCAP per the manual: > > # oscap xccdf eval --profile stig-rhel6-server-upstream \ > --results /tmp/`hostname`-ssg-results.xml \ > --report /tmp/`hostname`-ssg-results.html \ > --cpe /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml \ > /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml > > TIA, > -Bond > -- > SCAP Security Guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
