Hi everyone!
I’m creating some checks for iptables. For a few of them, I’m using SCE with
OSCAP.
If I execute the oscap command with separated files (xccdf, oval, scripts…)
everything works as expected.
Now I’m trying to get one data stream file with everything inside.
I followed this tutorial http://isimluk.livejournal.com/3660.html
<http://isimluk.livejournal.com/3660.html> in order to get the ds file. But I’m
getting this errors:
[root@localhost SCETest]# /usr/local/bin/oscap ds sds-compose
iptables-xccdf.xml iptables-datastream.xml
File '/home/leia/SCETest/iptables-datastream.xml' line 2: Element
'{http://scap.nist.gov/schema/scap/source/1.2}extended-components': This
element is not expected. Expected is (
{http://scap.nist.gov/schema/scap/source/1.2}checks ).
OpenSCAP Error: Invalid SCAP Source Datastream (1.2) content in
/home/leia/SCETest/iptables-datastream.xml. [oscap_source.c:319]
And if I try to execute the oscap command with the created file I get this:
[root@localhost SCETest]# /usr/local/bin/oscap xccdf eval --profile
xccdf_com.wazuh.test_profile_Test --results report.xml iptables-ds.xml
OpenSCAP Error: File 'iptables-ds.xml' line 2: Element
'{http://scap.nist.gov/schema/scap/source/1.2}extended-components': This
element is not expected. Expected is (
{http://scap.nist.gov/schema/scap/source/1.2}checks ).
[xccdf_session.c:457]
Invalid SCAP Source Datastream (1.2) content in iptables-ds.xml.
[oscap_source.c:319]
Invalid SCAP Source Datastream (1.2) content in iptables-ds.xml
[xccdf_session.c:504]
I assume that is the same error…
Maybe someone can help me with this. I really appreciate your help!
Thank you so much!
Rocio_______________________________________________
Open-scap-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/open-scap-list
