Hello Radzy, > I'm trying to figure out how to go about investigating why "notapplicable" > is returned. Mostly, I'm working with a new directory for WR Linux.
Are you saying that all checks return "notapplicable" when you run a scan? Or are you saying that you created a custom OVAL and the OVAL itself is returning "notapplicable"? Thanks, Gabe On Mon, Jul 11, 2016 at 12:15 PM, <[email protected]> wrote: > Hi folks > > I'm trying to figure out how to go about investigating why "notapplicable" > is returned. Mostly, I'm working with a new directory for WR Linux. > > However, I also see that for Fedora, there are four rules that are > commented out with a comment: > > The following rules currently returns 'notapplicable' on Fedora > container > Investigate why, fix the issues, and re-enable back once fixed > > The specific rules that are commented out are: > > accounts_password_all_shadowed > root_path_no_dot > mount_option_dev_shm_nodev > mount_option_dev_shm_nosuid > > When I tried to reproduce this, I find that accounts_password_all_shadowed > passes on a vanilla Fedora 23 installation. Maybe it's different on a > container-based install than on an install on a plain old laptop. > > root_path_no_dot appears to be malformed, with various pieces missing. > > The other two don't show up in my output results at all. Not sure why. > They do appear to be present in the DS file, and I haven't yet found any > reason to consider them malformed. > > But my general question is about the procedure to go about this > investigation. Is there a document that gives hints about the > best way to do this ? I've looked for one, but haven't found it. > What I've done so far is largely manual, and it has been somewhat > awkward getting the results. (Mostly, I've tried to investigate > WR Linux, but the Fedora issues seemed like a good thing to use > for more experience.) > > Any help would be appreciated. > > Enjoy! > > -- radzy > -- > SCAP Security Guide mailing list > [email protected] > > https://lists.fedorahosted.org/admin/lists/[email protected] > https://github.com/OpenSCAP/scap-security-guide/ >
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected] https://github.com/OpenSCAP/scap-security-guide/
