Thanks, Gautam. I will follow as you suggested. Stay in touch!
________________________________________
From: open-scap-list-boun...@redhat.com <open-scap-list-boun...@redhat.com> on
behalf of open-scap-list-requ...@redhat.com <open-scap-list-requ...@redhat.com>
Sent: Monday, April 4, 2016 9:30 PM
To: open-scap-list@redhat.com
Subject: Open-scap-list Digest, Vol 85, Issue 4
Send Open-scap-list mailing list submissions to
open-scap-list@redhat.com
To subscribe or unsubscribe via the World Wide Web, visit
https://www.redhat.com/mailman/listinfo/open-scap-list
or, via email, send a message with subject or body 'help' to
open-scap-list-requ...@redhat.com
You can reach the person managing the list at
open-scap-list-ow...@redhat.com
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Open-scap-list digest..."
Today's Topics:
1. All those beautiful days ... (?imon Luka??k)
2. Re: OVAL content authoring tool (S, Gautam)
3. Re: Template for file pattern match (S, Gautam)
4. Re: All those beautiful days ... (Peter Vrabec)
----------------------------------------------------------------------
Message: 1
Date: Mon, 4 Apr 2016 10:25:34 +0200
From: ?imon Luka??k <sluka...@redhat.com>
To: "open-scap-list@redhat.com" <open-scap-list@redhat.com>
Subject: [Open-scap] All those beautiful days ...
Message-ID: <570224fe.2090...@redhat.com>
Content-Type: text/plain; charset=utf-8
Hiya,
I step aside from lead developer role in the OpenSCAP ecosystem, so I
can focus on things under the hood of manageiq.org
Just wanted to drop a note that I am changing my mindset towards
ecosystem today. I may contribute here and there whenever I enjoy it,
however I may not be able to respond to all the opened questions we may
have.
You have been amazing community! I had a great time here and I wish the
OpenSCAP good luck going forward!
Cheers,
~?.
------------------------------
Message: 2
Date: Mon, 4 Apr 2016 08:26:49 +0000
From: "S, Gautam" <gaut...@hpe.com>
To: "open-scap-list@redhat.com" <open-scap-list@redhat.com>
Subject: Re: [Open-scap] OVAL content authoring tool
Message-ID:
<tu4pr84mb00782df1fbac4370c4ee0944b0...@tu4pr84mb0078.namprd84.prod.outlook.com>
Content-Type: text/plain; charset="us-ascii"
Hi Pravin,
I had done a trial of a similar exercise recently and these are the
observations I have. Please note that my final intent was to create both XCCDF
and OVAL files, so some things might be relevant in your case. In case the
community is interested, I can make patches available.
Assuming you have a directory structure similar to "/RHEL/6" for "SLES/11" with
all the Make, python, template files etc. in place:
1) Change the platform CPE in <<SLES>>/input/guide.xml: <platform
idref="cpe:/o:suse:sles:11" />
3) MakeFile changes:
Renamed the product: PROD = sles11
Commented out the enable-derivative modules as they do not
recognize SLES anyhow.
4) Changed the CPE dictionary input/oval/platform/sles-cpe-dictionary.xml using
oscap CPE dictionary as reference.
5) Added the CPE OVAL implementation
../../shared/oval/installed_OS_is_sles11.xml
6) Modified python modules ../../shared/transforms/combineremediations.py and
../../shared/transforms/combineovals.py
a) Added MakeFile target mapping for SLES
b) Added SLES switch case in map_product()
c) Added support for multi-digit version number >>> Currently
the modules assume that the version number is the last one digit.
d) Added sles in multi-platform checks
7) Updated the OVAL file pointer in <xsl:variable name="ovalfile"> in
/input/transforms/shorthand2xccdf.xslt
8) I believe you can reuse the templates and Python modules that transform
them, they worked for me; I just updated the platform.
Thank you.
Regards,
Gautam.
------------------------------
Message: 3
Date: Mon, 4 Apr 2016 09:00:10 +0000
From: "S, Gautam" <gaut...@hpe.com>
To: "open-scap-list@redhat.com" <open-scap-list@redhat.com>
Subject: Re: [Open-scap] Template for file pattern match
Message-ID:
<tu4pr84mb0078de5ab978d4d36f7d263cb0...@tu4pr84mb0078.namprd84.prod.outlook.com>
Content-Type: text/plain; charset="us-ascii"
Hi Pravin,
This was something I also wondered about. However, there are some subtle
aspects that might affect this which I learned once I gave it a shot.
1) Not all pattern matches are same. Some search whether a pattern exists in a
file, some check for the absence, some check for the first match only, some for
all matches, some checks will involve external variables passed in as well. At
the very least, you will need </path/to/file>,<regex to
find>,<check_existence>,<instance> for basic ones.
2) You will have to keep the title, description and comments extremely generic
or else update them individually and they are generated. I found this to be a
huge deterrent to making everything into a template.
Thank you.
Regards,
Gautam.
------------------------------
Message: 4
Date: Mon, 4 Apr 2016 13:28:28 +0200
From: Peter Vrabec <pvra...@redhat.com>
To: open-scap-list@redhat.com
Subject: Re: [Open-scap] All those beautiful days ...
Message-ID: <57024fdc.7050...@redhat.com>
Content-Type: text/plain; charset=utf-8; format=flowed
Hi Simon,
thanks for all your great work and I wish you good luck with the new
projects and challenges!
Peter.
On 04/04/2016 10:25 AM, ?imon Luka??k wrote:
> Hiya,
>
> I step aside from lead developer role in the OpenSCAP ecosystem, so I
> can focus on things under the hood of manageiq.org
>
> Just wanted to drop a note that I am changing my mindset towards
> ecosystem today. I may contribute here and there whenever I enjoy it,
> however I may not be able to respond to all the opened questions we may
> have.
>
> You have been amazing community! I had a great time here and I wish the
> OpenSCAP good luck going forward!
>
> Cheers,
> ~?.
>
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list@redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
>
--
Peter Vrabec
Engineering Manager, Security Technologies
Red Hat, Inc.
------------------------------
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
End of Open-scap-list Digest, Vol 85, Issue 4
*********************************************
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
