Gabe, Thanks for providing the links to SSG's integration of CentOS!
Greg On Tue, Jun 30, 2015 at 6:54 PM, Gabe Alford <[email protected]> wrote: > Hey Bond, > > As of SCAP Security Guide release 0.1.23, CentOS content is now available > (any older version will require tweaking). See the announcement here: > https://lists.fedorahosted.org/pipermail/scap-security-guide/2015-June/006462.html > > You can download and build the SSG content from > https://github.com/OpenSCAP/scap-security-guide > > When you run the XCCDF, you have to specify the CentOS XCCDF like below: > > # oscap xccdf eval --profile stig-rhel6-server-upstream \ > --results /tmp/`hostname`-ssg-results.xml \ > --report /tmp/`hostname`-ssg-results.html \ > --cpe /usr/share/xml/scap/ssg/content/ssg-centos6-cpe-dictionary.xml \ > /usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml > > Please note that I believe that ssg-centos6-cpe-dictionary.xml is not > being built with SSG. OpenSCAP is here: > https://github.com/openscap/openscap and the announcement here: So I > believe all that needs to be done is: > > # oscap xccdf eval --profile stig-rhel6-server-upstream \ > --results /tmp/`hostname`-ssg-results.xml \ > --report /tmp/`hostname`-ssg-results.html \ > /usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml > > Thanks, > > Gabe > > <https://lists.fedorahosted.org/pipermail/scap-security-guide/2015-June/006462.html> > > On Tue, Jun 30, 2015 at 3:56 PM, Bond Masuda <[email protected]> > wrote: > >> Hello, >> >> Is there a guide on how to use the RHEL SCAP content for CentOS? When I >> try to use it, I get a lot of "Result: notapplicable". What needs to be >> done? >> >> I'm using it with OpenSCAP per the manual: >> >> # oscap xccdf eval --profile stig-rhel6-server-upstream \ >> --results /tmp/`hostname`-ssg-results.xml \ >> --report /tmp/`hostname`-ssg-results.html \ >> --cpe /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml \ >> /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml >> >> TIA, >> -Bond >> -- >> SCAP Security Guide mailing list >> [email protected] >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide >> https://github.com/OpenSCAP/scap-security-guide/ > > > > -- > SCAP Security Guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/ >
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
