** Description changed: - Dear Maintainer, + [Impact] - We are implementing SCAP content based on CIS and STIG compliance rules. - A good portion of these rules are beyond the scope of SCAP and OVAL, and - will require the Script Check Engine (SCE) facility provided by - OpenSCAP. However SCE is not enabled by default, and will require the - addition of the "--enable-sce" option in the "debian/rules" file to turn - it on. + Canonical security certification team is implementing SCAP content based + on CIS and STIG compliance rules. A good portion of these rules are + beyond the scope of SCAP and OVAL, and will require the Script Check + Engine (SCE) facility provided by OpenSCAP. + + SCE is not enabled by default, and will require the addition of the + "--enable-sce" option in the "debian/rules" file to turn it on. The + attached patch has all the necessary code change. + + + [Test Case] + + run the command "oscap --v", and without the SCE option, content under + "==== Capabilities added by auto-loaded plugins ====" will be empty. + With the SCE option turned on, we'll see the following: + + ==== Capabilities added by auto-loaded plugins ==== + SCE Version: 1.0 (from libopenscap_sce.so.8) + + + [Regression Potential] + + Using the same patch attached to this bug report, Canonical security + certification team has created a PPA here: + https://launchpad.net/~guanym/+archive/ubuntu/ppa. The team is actively + using the PPA to develop SCAP content, including shell and python + scripts for SCE consumption. No regression has been noticed. + + + [Other Info] + + A similar bug report has been submitted to Debian.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1658792 Title: libopenscap8: Enable SCE option to make broader SCAP content available for Ubuntu users To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openscap/+bug/1658792/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs