On 6/30/15 6:54 PM, Gabe Alford wrote:
Hey Bond,
As of SCAP Security Guide release 0.1.23, CentOS content is now
available (any older version will require tweaking). See the
announcement here:
https://lists.fedorahosted.org/pipermail/scap-security-guide/2015-June/006462.html
You can download and build the SSG content from
https://github.com/OpenSCAP/scap-security-guide
Spot on. CentOS users can now clone the repo, run make, and they'll see
various CentOS content files generated.
When you run the XCCDF, you have to specify the CentOS XCCDF like below:
# oscap xccdf eval --profile stig-rhel6-server-upstream \
--results /tmp/`hostname`-ssg-results.xml \
--report /tmp/`hostname`-ssg-results.html \
--cpe
/usr/share/xml/scap/ssg/content/ssg-centos6-cpe-dictionary.xml \
/usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml
Please note that I believe that ssg-centos6-cpe-dictionary.xml is not
being built with SSG. OpenSCAP is here:
https://github.com/openscap/openscap and the announcement here: So I
believe all that needs to be done is:
# oscap xccdf eval --profile stig-rhel6-server-upstream \
--results /tmp/`hostname`-ssg-results.xml \
--report /tmp/`hostname`-ssg-results.html \
/usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml
Thanks,
--
Shawn Wells
Director, Innovation Programs
[email protected] | 443.534.0130
@shawndwells
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/
