Hi Simon
I updated, the error message is different (but still present)
xml file:
<ns10:Rule id="xccdf_1_rule_1402" selected="true"
severity="medium">
<ns10:title>selinux</ns10:title>
<ns10:description>Checks if you have SELinux
enabled</ns10:description>
<ns10:check system="http://open-scap.org/page/SCE";>
<ns10:check-import import-name="stdout" />
<ns10:check-content-ref href="scap_1402.sh" />
</ns10:check>
</ns10:Rule>
output:
[root]# oscap xccdf eval --profile xccdf_1_profile_1 rm-ds.xml
Title selinux
Rule xccdf_1_rule_1402
Result notchecked
OpenSCAP Error: SCE couldn't find script file 'scap_1402.sh'. Expected
location: '/tmp/oscap.3sSrgD/scap_1402.sh'. [sce_engine.c:387]
Same kind of error message if I set absolute path /root/scap_1402.sh
Thank you for help
Raymond
2018-04-25 10:12 GMT+02:00 Šimon Lukašík <[email protected]>:
> On 04/25/2018 09:47 AM, Raymond Mercier wrote:
> > <ns10:Rule id="xccdf_1_rule_1402"
> selected="true" severity="medium">
> > <ns10:title>selinux</ns10:title>
> > <ns10:description>Checks if you have
> SELinux enabled</ns10:description>
> > <ns10:check system="
> http://wordpress-www-open-scap-org.b9ad.pro-us-east-
> 1.openshiftapps.com/page/SCE">
>
> This check/system doesn't feel right. :)
>
> The usage at https://www.open-scap.org/features/other-standards/sce/ say
> we should use http://open-scap.org/page/SCE instead.
>
> Audit, Fix and Be Merry,
> ~š.
>
>
> > <ns10:check-import
> import-name="stdout" />
> > <ns10:check-content-ref
> href="scap_1402.sh" />
> > </ns10:check>
> > </ns10:Rule>
>
_______________________________________________
Open-scap-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/open-scap-list
