On 04/01/2016 05:07 PM, Šimon Lukašík wrote:
> Hello Gautam,
>
> Firstly, let me just express gratitude for in depth analysis. I applaud
> to engineering virtue. Well done!
>
> I would approach this thing as follows. I would connect with RPM
> maintainers in SuSE, why it needs to get exclusive lo
Hello Gautam,
Firstly, let me just express gratitude for in depth analysis. I applaud
to engineering virtue. Well done!
I would approach this thing as follows. I would connect with RPM
maintainers in SuSE, why it needs to get exclusive lock.
I am not equipped to claim which solution (rpm in RHEL
On 03/31/2016 06:01 AM, Pravin Goyal wrote:
> To be specific,
>
> 1st goal - Build oval content
> 2nd goal - Build remediation content
> 3rd goal - Merge with existing xccdf and create source ds
Try to clone Fedora/ directory. That contains only one or two profiles,
so it should be easier t
Hello Pravin,
I advise you what folks working on Debian/ directory has achieved.
Most of the checks will be the same for SuSE and Fedora derivatives. A
lot is shared with Debian as well.
There will be some differences though, like configuration file paths.
We try to leverage shared/ directory w
Hello Dragos,
This seems to be clearly bug. However, it seem to be already fixed in
upstream.
https://github.com/OpenSCAP/scap-security-guide/blob/master/shared/oval/rpm_verify_permissions.xml
So the future versions of scap-security-guide should have this fixed.
Thanks!
~š.
On 03/22/2016 11:04
Hello Dragos,
You are right. This is clearly bug in OpenSCAP. I have filed
https://github.com/OpenSCAP/openscap/issues/371 to track it.
Best,
~š.
On 03/22/2016 09:38 PM, Dragos Prisaca wrote:
> Hello,
>
>
>
> The value of @href attribute points to an XCCDF component instead of the
> OVAL res