Hi Watson
On Wed, 29 Aug 2018 at 14:51, Watson Yuuma Sato <ws...@redhat.com> wrote: > On 29/08/18 11:05, Dhanushka Parakrama wrote: > > Hi Team > > > Hello Dhanushka, > > What version of SSG are you using? > This looks like a bug on 0.1.40 release, the package and service names > used in bash remediation for syslog-ng are different than your commands, we > use "syslogng" for package and service name. > > Would you be willing to propose a fix for that? > These are the files that would need to be changed: > > https://github.com/OpenSCAP/scap-security-guide/blob/master/debian8/templates/csv/packages_installed.csv > > https://github.com/OpenSCAP/scap-security-guide/blob/master/debian8/templates/csv/services_enabled.csv > > I have send the Pull request for those files > > We have ran the scan for debian 8 using below command > > *oscap xccdf eval --profile > xccdf_org.ssgproject.content_profile_anssi_np_nt28_high --report > report.html ssg-debian8-ds.xml* > > Got alerts as below , > ============== > [image: image.png] > > > To Fixed it we ran the below commands as suggested by the report > > * apt-get install syslog-ng-core > > * systemctl status syslog-ng > > ● syslog-ng.service - System Logger Daemon > Loaded: loaded (/lib/systemd/system/syslog-ng.service; enabled) > Active: active (running) since Tue 2018-08-28 15:04:28 IST; 23h ago > Docs: man:syslog-ng(8) > Process: 16275 ExecReload=/bin/kill -HUP $MAINPID (code=exited, > status=0/SUCCESS) > Main PID: 14555 (syslog-ng) > CGroup: /system.slice/syslog-ng.service > └─14555 /usr/sbin/syslog-ng -F > > Aug 28 15:04:28 oscapserver systemd[1]: Starting System Logger Daemon... > Aug 28 15:04:28 oscapserver systemd[1]: Started System Logger Daemon. > Aug 29 06:25:03 oscapserver systemd[1]: Reloading System Logger Daemon. > Aug 29 06:25:03 oscapserver systemd[1]: Reloaded System Logger Daemon. > > > But even after we ran the scan after fixing it Report still shows as > > Ensure syslog-ng is installed -> FAILED > Ensure Syslog-ng Service -> FAILED > > > Is there any reason for that ? > > > _______________________________________________ > Open-scap-list mailing > listOpen-scap-list@redhat.comhttps://www.redhat.com/mailman/listinfo/open-scap-list > > > -- > Watson Sato > Security Technologies | Red Hat, Inc > > _______________________________________________ > Open-scap-list mailing list > Open-scap-list@redhat.com > https://www.redhat.com/mailman/listinfo/open-scap-list
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list