Thank you so much Martin! That solved my problem!
:) *Rocio Romero * On Wed, Jun 22, 2016 at 11:52 AM, Martin Preisler <[email protected]> wrote: > ----- Original Message ----- > > From: "Rocio Romero" <[email protected]> > > To: [email protected] > > Sent: Tuesday, June 21, 2016 7:12:32 PM > > Subject: [Open-scap] Create Datastream from xml with SCE > > > > Hi everyone! > > Hi Rocio! > > > I’m creating some checks for iptables. For a few of them, I’m using SCE > with > > OSCAP. > > > > If I execute the oscap command with separated files (xccdf, oval, > scripts…) > > everything works as expected. > > > > Now I’m trying to get one data stream file with everything inside. > > > > I followed this tutorial http://isimluk.livejournal.com/3660.html > > <http://isimluk.livejournal.com/3660.html> in order to get the ds file. > But > > I’m getting this errors: > > > > [root@localhost SCETest]# /usr/local/bin/oscap ds sds-compose > > iptables-xccdf.xml iptables-datastream.xml > > File '/home/leia/SCETest/iptables-datastream.xml' line 2: Element > > '{http://scap.nist.gov/schema/scap/source/1.2}extended-components': This > > element is not expected. Expected is ( > > {http://scap.nist.gov/schema/scap/source/1.2}checks ). > > OpenSCAP Error: Invalid SCAP Source Datastream (1.2) content in > > /home/leia/SCETest/iptables-datastream.xml. [oscap_source.c:319] > > Source DataStream requires the <checks> element to be present and have at > least one check component. As a simple workaround I recommend adding a rule > that references an OVAL file. The OVAL file can have only one check - > the check referenced by the Rule. > > With this workaround the validation requirements of SDS will be fulfilled. > > > And if I try to execute the oscap command with the created file I get > this: > > > > [root@localhost SCETest]# /usr/local/bin/oscap xccdf eval --profile > > xccdf_com.wazuh.test_profile_Test --results report.xml iptables-ds.xml > > OpenSCAP Error: File 'iptables-ds.xml' line 2: Element > > '{http://scap.nist.gov/schema/scap/source/1.2}extended-components': This > > element is not expected. Expected is ( > > {http://scap.nist.gov/schema/scap/source/1.2}checks ). > > [xccdf_session.c:457] > > Invalid SCAP Source Datastream (1.2) content in iptables-ds.xml. > > [oscap_source.c:319] > > Invalid SCAP Source Datastream (1.2) content in iptables-ds.xml > > [xccdf_session.c:504] > > > > I assume that is the same error… > > Yes, this is the same error. > > > Maybe someone can help me with this. I really appreciate your help! > > Hope this helps! > > -- > Martin Preisler > Identity Management and Platform Security | Red Hat, Inc. >
_______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
