|
On 05/08/2017 05:20 AM, Gary Gapinski
wrote:
Hello, Luther:
On 05/08/2017 04:29 AM, Luther Goh Lu Feng wrote:
It seems that some of the rules are not checked in the scan. Any ideas why?
At least for the RHEL7 content (what I have handy at the moment),
there are no related OVAL definitions, thus the rules will not be
checked. I expect the Debian content is the same. This can be
verified by inspecting either the XCCDF or datastream documents
(e.g., search for the rule service_rsyslog_enabled and
note that there is no OVAL <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
construct within the <Rule> stanza).
PS: there are 147 such <Rule>s within the RHEL7
content lacking OVAL definitions (using the XPath query «//*:Rule[not(check[@system="http://oval.mitre.org/XMLSchema/oval-definitions-5"])]»).
|
_______________________________________________
Open-scap-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/open-scap-list
