Hello everybody, I'm still working in checking how many STIG rules have implemented checks in OpenSCAP profiles. When executing oscap eval command, I identified that there are several checks in status notchecked.
After some investigation, I identified that there was no oval checks availables for these rules. After reading some documentation about OVAL language, I was wondering if it will be possible to implement a check for these rules. For example, for the rule "homedirs must exist", the check consists in doing a "pwchk -r" in order to identify if the homedirs exists or not. With a shell script I know how to do that but in OVAL, i'm not sure if it is possible. So I have several questions about these kind of checks : - Is it possible to implement them using OVAL with an oval rule which can do result command checks ? - Is it possible to implement these checks using another language. I heard about SCE but it seems to be only for OpenSCAP. - Will these checks stay manual checks with notchecked status on SSG ? Thanks for your answers. Regards, Olivier Bonhomme _______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected]
