On Thursday, April 6, 2017 10:20 PM, Luther Goh Lu Feng <elf...@yahoo.com>
wrote:
Thanks for the suggestion! I will most certainly attempt to install OpenSCAP
1.2.9 from testing.
I am still very much a noob figuring out my way around the various security
concepts such as OVAL, XCCDF. So pardon me if I indicate any wrong assumptions
as I have not fully yet read the manual.
In my debugging, I have ran $ oscap oval eval --results debian-2014.xml
--report debian-2014.html oval-definitions-2014.xml, and managed to get a
proper report. The oval definitions are from debian[1].
So questions:
- Does this successful run mean that OpenSCAP 1.0.9 supports OVAL 5.11 without
issues?
- Is OpenSCAP cli on par functionality wise with SCAP workbench?
[1] https://www.debian.org/security/oval/
On Thursday, April 6, 2017 4:50 PM, Jan Cerny <jce...@redhat.com> wrote:
Hi,
That is pretty cool that you want to run OpenSCAP on such a device.
I like it! You're the first person that I know running it on ARM :)
I think the problem is that Debian Jessie has OpenSCAP 1.0.9,
which is an old version that doesn't support systemd related tests
and it also can't process OVAL documents using OVAL standard 5.11,
which we use to write security policies. The error messages
look like that's the problem.
I suggest trying to backport OpenSCAP packages from Debian Testing (Stretch)
Debian Testing has OpenSCAP 1.2.9 that supports those new standards
and systemd.
Or you might try to compile the latest upstream release 1.2.14 directly from
the sources on Github [1] and install that on your device.
However I don't have an ARM machine with Debian, so I haven't verified
if there is any other issue :) If you encounter a problem,
please inform us. Thank you.
[1]
https://github.com/OpenSCAP/openscap/releases/download/1.2.14/openscap-1.2.14.tar.gz
Best regards
Jan Černý
Security Technologies | Red Hat, Inc.
----- Original Message -----
> From: "Luther Goh Lu Feng" <elf...@yahoo.com>
> To: open-scap-list@redhat.com
> Sent: Thursday, April 6, 2017 6:07:18 AM
> Subject: [Open-scap] Using scap workbench to scan Debian on Beaglebone Black
>
> I have installed SCAP Workbench on Mac OS X[1] and attempted to scan a
> Beaglebone Black with Debian installed remotely. Debian has been installed
> with OpenSCAP[2]. However the scan threw up a lot of errors and didn't
> complete. I am only including a small subset of the errors so as not to
> overwhelm readers with the amount of text. But am happy to furnish the full
> logs in pastebin if it is helpful. Hope to have some tips. Thanks!
>
>
> 13:28:47
> info
> Connection established.
>
>
> 13:28:47
> info
> Checking if oscap is available on remote machine...
>
>
> 13:28:59
> info
> Querying capabilities on remote machine...
>
>
> 13:29:13
> info
> Copying input data to remote target...
>
>
> 13:30:32
> info
> Starting the remote process...
>
>
> 13:30:32
> info
> Processing on the remote machine...
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr: OpenSCAP
> Error: File '/tmp/tmp.3WyW7Kt0Aa' line 1835: Element
> '{http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_test':
> This element is not expected.
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr:
> [../../../src/XCCDF/xccdf_session.c:342]
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr: File
> '/tmp/tmp.3WyW7Kt0Aa' line 2482: Element
> '{http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_object':
> This element is not expected.
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr:
> [../../../src/XCCDF/xccdf_session.c:342]
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr: File
> '/tmp/tmp.3WyW7Kt0Aa' line 3427: Element
> '{http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_state':
> This element is not expected.
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr:
> [../../../src/XCCDF/xccdf_session.c:342]
>
>
> 13:30:47
> error
> The 'oscap' process has written the following content to stderr: File
> '/tmp/tmp.3WyW7Kt0Aa' line 3653: Element
> '{http://oval.mitre.org/XMLSchema/oval-definitions-5}glob_to_regex': This
> element is not expected. Expected is one of (
> {http://www.w3.org/2000/09/xmldsig#}Signature,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}variable_component,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}literal_component,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}arithmetic,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}begin,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}concat,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}end,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}escape_regex,
> {http://oval.mitre.org/XMLSchema/oval-definitions-5}split ).
>
>
>
>
> [1] https://www.open-scap.org/tools/scap-workbench/
> [2] https://packages.debian.org/jessie/python-openscap
>
> _______________________________________________
> Open-scap-list mailing list
> Open-scap-list@redhat.com
> https://www.redhat.com/mailman/listinfo/open-scap-list
>
_______________________________________________
Open-scap-list mailing list
Open-scap-list@redhat.com
https://www.redhat.com/mailman/listinfo/open-scap-list
