On 11/19/2012 10:44 AM, Peter Gustafsson wrote: > Hi, > > I only get (null) result on almost all test when using > scap-security-guide-0.1-6 or scap-security-guide-0.1-7. > > I'm executing the test on a rhel 6.3 box having below version of > openscap installed: > openscap-utils-0.8.0-2.el6.x86_64 > openscap-0.8.0-2.el6.x86_64 > > # oscap xccdf eval --profile server > /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml > Rule ID: partition_for_tmp > Title: Ensure /tmp Located On Separate Partition > Result: (null) > > Rule ID: partition_for_var > Title: Ensure /var Located On Separate Partition > Result: (null) > > Rule ID: partition_for_var_log > Titexecuting the test on a rhel 6.3 box having below version of le: Ensure /var/log Located On Separate Partition > Result: (null) > > Rule ID: partition_for_var_log_audit > Title: Ensure /var/log/audit Located On Separate Partition > Result: (null) > > Rule ID: partition_for_home > Title: Ensure /home Located On Separate Partition > Result: (null) > ...... >
Hello Peter, Most probably you are hitting issue described at https://www.redhat.com/archives/open-scap-list/2012-October/msg00022.html Scap-security-guide project started to use SCAP features which are not supported by OpenSCAP version in rhel6.3. Basically I can see following options: - use an older snapshot of scap-security-guide - wait for rhel6.4 update of openscap - use fixed (but unofficial) build of openscap - remove problematic bits from SSG content (remove all ocil checks) Regards, -- Simon Lukasik _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
