I'm an IT student and using CentOS as a way to study for RHCSA/CE and want to ensure that I understand the installation process and security policies fully. However, the installation documentation doesn't match the actual installation process.
It doesn't matter what you put in the address box, everything is invalid content. Before you ask, network is fully configured. No difference between NAT and bridged modes in virtualbox, and I can set network time and add additional repositories via a mirrorlist to the installation source just fine.From the Installation Summary window, click Security Policy. The Security Policy window opens.
To enable security policies on the system, toggle the Apply security policy switch to ON.
Select one of the profiles listed in the top pane.
Click Select profile.
Click Change content to use a custom profile. A separate window opens allowing you to enter a URL for valid security content.
Click Fetch to retrieve the URL.
Click Use SCAP Security Guide to return to the Security Policy window.
Click Done to apply the settings and return to the Installation Summary window.
I'm unsure of how to implement this after the installation.
Code: Select all
ls /usr/share/xml/scap/ssg/content/
Code: Select all
oscap xccdf eval --profile ospp /usr/share/xml/scap/ssg/content/ssg-rhel8-xccdf.xml
You can find a Centos 8 profile (xccdf_org.ssgproject.content_profile_standard) with the following command line snippet for it: (and it's the same as the RHEL 8 profile)
Code: Select all
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard \
/usr/share/xml/scap/ssg/content/ssg-centos8-ds.xml
Code: Select all
oscap -V