For rule id: ensure_redhat_gpgkey_installed, it appears to be looking for /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release. I'm sure this works fine for RHEL, but the CentOS content also references this same test, which will fail since it should be looking for /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 instead. Perhaps a slightly modified version of the test is necessary for the various derivatives of RHEL like CentOS?
-Bond -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
