Running Openscap scans

Support for security such as Firewalls and securing linux
Post Reply
droidus
Posts: 19
Joined: 2018/10/14 13:23:12

Running Openscap scans

Post by droidus » 2019/10/26 23:31:57

I am trying to run openscap scans. I tried the following:

Code: Select all

sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
and

Code: Select all

sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_ospp --report /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
But they all return with a status of "notapplicable".
How can I run these?

teknohippie
Posts: 1
Joined: 2019/05/14 02:24:36

Re: Running Openscap scans

Post by teknohippie » 2019/12/09 18:20:00

I find myself facing this same issue.
Has anyone else encountered this or discovered a solution?

FtEustis
Posts: 1
Joined: 2019/12/12 14:50:18

Re: Running Openscap scans

Post by FtEustis » 2019/12/12 14:55:49

I'm having the same issue, and would love to figure it out. So far I've learned it has something to do with CPE, and how OSCAP is looking for RHEL 7 while running the DISA content. Still searching.

fassl
Posts: 2
Joined: 2020/03/30 06:32:11

Re: Running Openscap scans

Post by fassl » 2020/03/30 06:36:00

The nuclear option is to do the following:

Code: Select all

sudo sed -i \
  -e 's|idref="cpe:/o:redhat:enterprise_linux|idref="cpe:/o:centos:centos|g' \
  -e 's|ref_id="cpe:/o:redhat:enterprise_linux|ref_id="cpe:/o:centos:centos|g' \
  /usr/share/xml/scap/ssg/content/ssg-rhel*.xml
It seems the tests are set explicitly for redhat:enterprise_linux but i cannot be sure.

regards

fassl
Posts: 2
Joined: 2020/03/30 06:32:11

Re: Running Openscap scans

Post by fassl » 2020/03/30 12:57:31

I just found this: https://github.com/ComplianceAsCode/content/releases

The releases contain centos xmls and when you get the source code you can build them yourself with:

Code: Select all

./build_product --derivatives rhel?

Post Reply

Return to “CentOS 8 - Security Support”