I redid this exercise after finishing lab 3 and today it worked. I can't explain why it failed the first time--I'm sure I did it right each time I tried.
On Fri, Mar 3, 2023 at 11:06 AM Johnnie W Adams <jxad...@ualr.edu> wrote: > Hi, folks, > > I decided to redo the labs from the start, and found that the first > exercise is not working. The text only appears once in the .yml file but > twice in the html output. > > Thanks, > > John A > > On Mon, Oct 10, 2022 at 5:00 AM Gabriel Gaspar Becker <ggasp...@redhat.com> > wrote: > >> It kind of depends on what exactly you are trying to achieve. For >> example, if you are modifying the ansible playbooks and want to have those >> changes permanently present and let's say, keep them organized... then you >> will definitely need to get involved with the project. I'm assuming you are >> directly changing the playbooks to your own custom way (not talking about >> variables and such, which in this case SCAP workbench would help you in >> creating customized profiles and select custom values for variables). >> >> For a regular end user, what they will usually interact in a sense of >> customization is the profile tailoring which will result in different >> selections of ansible playbooks being generated for example. I hope that >> this helps. >> >> Regards >> >> On Fri, Oct 7, 2022 at 8:38 PM Johnnie W Adams <jxad...@ualr.edu> wrote: >> >>> Hi, Gabriel Gaspar Becker, >>> >>> I'm a little ways into the workshop, and I'd like to ask if (in >>> your opinion) it will be useful to me as an end user. It appears to me to >>> be more of a developer tutorial. >>> >>> Thanks, >>> >>> John A >>> >>> On Tue, Oct 4, 2022 at 10:38 AM Gabriel Gaspar Becker < >>> ggasp...@redhat.com> wrote: >>> >>>> These playbooks are organized individually in the project >>>> https://github.com/ComplianceAsCode/content/ >>>> >>>> Which then are built into those complex datastreams and consumed by >>>> OpenSCAP, I believe reading about the ComplianceAsCode content and >>>> specially doing this workshop >>>> https://github.com/ComplianceAsCode/content/blob/master/docs/workshop/README.adoc >>>> will give you a better understanding of the whole process. >>>> >>>> On Thu, Sep 29, 2022 at 3:47 PM Johnnie W Adams <jxad...@ualr.edu> >>>> wrote: >>>> >>>>> Hi, Vojtech, >>>>> >>>>> Sorry--I'll be more exact. >>>>> >>>>> I am working with the remediation playbook generated by running a >>>>> scan and attempting to edit it down. I was able to make an edited version >>>>> with the three high severity rules we wanted to enforce. That was simple, >>>>> because there were three easily isolated plays. >>>>> >>>>> I'm having a difficult time doing the same thing with the medium >>>>> severity rules. The playbook is very large and editing it down is a >>>>> challenge. So here's my original question better asked: >>>>> >>>>> How do you edit down such a massive playbook? And after you've >>>>> edited it down, how do you organize the plays inside it? These are more >>>>> practical questions than deep technical questions. >>>>> >>>>> Thanks, >>>>> >>>>> John A >>>>> >>>>> On Thu, Sep 29, 2022 at 8:33 AM Vojtech Polasek <vpola...@redhat.com> >>>>> wrote: >>>>> >>>>>> Hello John, >>>>>> >>>>>> could you please explain what are you trying to do? I am afraid that >>>>>> we might be using different terms. See below. >>>>>> >>>>>> Vojta >>>>>> >>>>>> >>>>>> Dne 27. 09. 22 v 20:50 Johnnie W Adams napsal(a): >>>>>> >>>>>> Hi, folks, >>>>>> >>>>>> It wasn't too hard to get an Ansible playbook for the three high >>>>>> severity rules I just fixed. >>>>>> >>>>>> That's good. >>>>>> >>>>>> >>>>>> Now I'm looking at a report with I don't know how many medium >>>>>> severity rules in it, and I'm at a loss as to how to edit it. >>>>>> >>>>>> >>>>>> What kind of report? Is it a HTML report? Is it a file with ARF >>>>>> results? Is it a XCCDF results file? What command did you use to scan / >>>>>> generate the report? >>>>>> >>>>>> >>>>>> How do you folks do it? I mean that both mechanically--How do >>>>>> you create a valid playbook from that huge file?--and logically--How do >>>>>> you >>>>>> organize the plays? It's quite a task! >>>>>> >>>>>> Well, openscap can generate a playbook based on several sources: >>>>>> >>>>>> - a datastream - it can generate complete playbook for a whole >>>>>> profile. Each task inthe playbook has several tags which can help you to >>>>>> choose which tasks to run. You can select tasks based on the XCCDF rule >>>>>> they belong to, based on their severit etc. >>>>>> >>>>>> - XCCDF result file - if you scan the system with command like this: >>>>>> >>>>>> ``` >>>>>> >>>>>> oscap xccdf eval --profile some_profile --results results.xml >>>>>> path_to_datastream >>>>>> >>>>>> ``` >>>>>> >>>>>> >>>>>> You will get the XCCDF results file results.xml. This can be later >>>>>> put into the command like: >>>>>> >>>>>> ``` >>>>>> >>>>>> oscap xccdf generate fix --fix-type ansible --output playbook.yml >>>>>> --result-id >>>>>> xccdf_org.open-scap_testresult_xccdf_org.ssgproject.content_profile_profile_name >>>>>> results.xml >>>>>> >>>>>> ``` >>>>>> >>>>>> >>>>>> So it depends what you want to do. >>>>>> >>>>>> >>>>>> Thanks, >>>>>> >>>>>> John A >>>>>> >>>>>> -- >>>>>> John Adams >>>>>> Senior Linux/Middleware Administrator | Information Technology >>>>>> Services >>>>>> +1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices >>>>>> *UA Little Rock* >>>>>> >>>>>> Reminder: IT Services will never ask for your password over the >>>>>> phone or in an email. Always be suspicious of requests for personal >>>>>> information that come via email, even from known contacts. For more >>>>>> information or to report suspicious email, visit IT Security >>>>>> <http://ualr.edu/itservices/security/>. >>>>>> >>>>>> _______________________________________________ >>>>>> Open-scap-list mailing >>>>>> listOpen-scap-list@redhat.comhttps://listman.redhat.com/mailman/listinfo/open-scap-list >>>>>> >>>>>> >>>>> >>>>> -- >>>>> John Adams >>>>> Senior Linux/Middleware Administrator | Information Technology >>>>> Services >>>>> +1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices >>>>> *UA Little Rock* >>>>> >>>>> Reminder: IT Services will never ask for your password over the phone >>>>> or in an email. Always be suspicious of requests for personal information >>>>> that come via email, even from known contacts. For more information or to >>>>> report suspicious email, visit IT Security >>>>> <http://ualr.edu/itservices/security/>. >>>>> _______________________________________________ >>>>> Open-scap-list mailing list >>>>> Open-scap-list@redhat.com >>>>> https://listman.redhat.com/mailman/listinfo/open-scap-list >>>>> >>>> >>> >>> -- >>> John Adams >>> Senior Linux/Middleware Administrator | Information Technology Services >>> +1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices >>> *UA Little Rock* >>> >>> Reminder: IT Services will never ask for your password over the phone >>> or in an email. Always be suspicious of requests for personal information >>> that come via email, even from known contacts. For more information or to >>> report suspicious email, visit IT Security >>> <http://ualr.edu/itservices/security/>. >>> >> > > -- > John Adams > Senior Linux/Middleware Administrator | Information Technology Services > +1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices > *UA Little Rock* > > Reminder: IT Services will never ask for your password over the phone or > in an email. Always be suspicious of requests for personal information that > come via email, even from known contacts. For more information or to > report suspicious email, visit IT Security > <http://ualr.edu/itservices/security/>. > -- John Adams Senior Linux/Middleware Administrator | Information Technology Services +1-501-916-3010 | jxad...@ualr.edu | http://ualr.edu/itservices *UA Little Rock* Reminder: IT Services will never ask for your password over the phone or in an email. Always be suspicious of requests for personal information that come via email, even from known contacts. For more information or to report suspicious email, visit IT Security <http://ualr.edu/itservices/security/>.
_______________________________________________ Open-scap-list mailing list Open-scap-list@redhat.com https://listman.redhat.com/mailman/listinfo/open-scap-list
