Ugh..yeah, all of my compliance CI tests just broke! Well, I'll give this a bit and if it doesn't pan out resurrect my RHEL => CentOS conversion script.
Alternatively, RHEL could post a Vagrant image with an active trial license already hooked up to valid repos....alas, the holidays have already passed. It is currently, non trivial to get working in a CI environment. Trevor On Fri, Dec 28, 2018 at 3:01 PM James Cassell <[email protected]> wrote: > On Fri, Dec 28, 2018, at 2:31 PM, Trevor Vaughan wrote: > > Could there be an opt-in compile option? > > > > Something like > > --yes-i-know-this-isnt-official-but-im-using-this-for-testing-centos-plz > > > > Right now, I use these as a quick test to make sure that nothing silly > > broke using free resources with CentOS VMs. I certainly understand that > > this does not guarantee RHEL compatibility, etc... but it does let me > know > > if something insane happened and I can then go see if it's a CentOS mess > up > > or something that broken in either the SSG or RHEL. > > > > +1, I've needed this, too. > > > > > > > Trevor > > > > On Fri, Dec 28, 2018 at 2:22 PM Shawn Wells <[email protected]> wrote: > > > > > > > > On 12/28/18 11:06 AM, Chuck Atkins wrote: > > > > I just noticed that all the EL derivatives in the current SSG no > > > > longer get any of the government security profiles, only pci-dss and > > > > standard. What happend to all of te other profiles available for > RHEL7? > > > > > > > > > The ones for RHEL are still there, as are Ubuntu and OEL :) > > > > > > Derivatives (e.g. CentOS) don't have STIGs or other formal US Gov > config > > > baselines. Shipping baselines with formal names (e.g. STIG or NIST > > > National Checklist) for the derivatives was slightly misleading, and > > > some users thought derivatives held formal approvals (e.g. a CentOS > STIG > > > published by DISA). > > > > > > Other baselines, such as PCI-DSS, are generic and don't represent a > > > formal/"regulatory managed" baseline akin to DoD STIGs. > > > > > > That said, baselines for derivatives are still needed by some in the > > > community. Could be an opportunity for someone to create a "FISMA" or > > > "NIST 800-53" style baseline since those are open standards. > > > > > > _______________________________________________ > > > scap-security-guide mailing list -- > > > [email protected] > > > To unsubscribe send an email to > > > [email protected] > > > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > > > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > > > List Archives: > > > > https://lists.fedorahosted.org/archives/list/[email protected] > > > > > > > > > -- > > Trevor Vaughan > > Vice President, Onyx Point, Inc > > (410) 541-6699 x788 > > > > -- This account not approved for unencrypted proprietary information -- > > _______________________________________________ > > scap-security-guide mailing list -- scap-security- > > [email protected] > > To unsubscribe send an email to scap-security-guide- > > [email protected] > > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > List Archives: > > > https://lists.fedorahosted.org/archives/list/[email protected] > _______________________________________________ > scap-security-guide mailing list -- > [email protected] > To unsubscribe send an email to > [email protected] > Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedorahosted.org/archives/list/[email protected] > -- Trevor Vaughan Vice President, Onyx Point, Inc (410) 541-6699 x788 -- This account not approved for unencrypted proprietary information --
_______________________________________________ scap-security-guide mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
