Hi folks, I see that when I run the "oscap xccdf eval" operation with the "-remediate" option, the score that is reported does not consider the rules fixed by remediation. Given that the command is eval, this seems fine but it is not consistent because the HTML report actually prints the fixed rules as passed, it doesn't distinguish them. So the next time I run an eval operation, the report says the rules passed are same but my score has been updated. This causes a bit of confusion to someone who just views the reports, for the same set of rules passing, a different score in different reports!
I had a quick look at function xccdf_item_get_default_score() in src/XCCDF/result_scoring.c which seems to be counting score as 100 for XCCDF_RESULT_PASS OR XCCDF_RESULT_FIXED. Not sure if the problem is because I am using the command wrong. If this is indeed a bug, I can take a closer look at it. Thank you. Regards, Gautam.
_______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
