Hi due to some of our systems setup I am looking for a way to tune some of the SSG OVAL tests but i'm not sure what is the best approach.
For example: the test xccdf_org.ssgproject.content_rule_audit_rules_dac_modification_chmod checks whether auid >= 1000 this is good but our system implementation puts the configuration settings at auid>=512. This results in the test failing while the system is in fact compliant. I could of course just skip the test, but that would miss the point. Alterntively I though of forking a personal version of the ssg oval file with the settings matching my needs. Is there another more subtle alternative? tx
_______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
