-- Shawn Wells (e) [email protected] (c) 443-534-0130
On Feb 5, 2013, at 1:42 PM, Jeffrey Blank <[email protected]> wrote: > The comment-stripping might be done by OpenSCAP (by design?). > Related discussion: > https://www.redhat.com/archives/open-scap-list/2012-October/msg00001.html > > In any event, you certainly have an ACK for fixing the URN in the fix > script. I assume this is just providing OpenSCAP what it expects/wants. > Per Simon, the sh is what's in the xccdf 1.2 spec (and not related to a particular tool). > > On 02/05/2013 11:21 AM, Shawn Wells wrote: >> On 2/5/13 11:19 AM, Shawn Wells wrote: >>> Before the change: >>> $ oscap xccdf generate fix --result-id >>> xccdf_org.open-scap_testresult_stig-rhel6-server /tmp/stig-results.xml >>> >>> After the change: >>> $ oscap xccdf generate fix --result-id >>> xccdf_org.open-scap_testresult_stig-rhel6-server /tmp/stig-results.xml >>> >>> yum install aide >> >> Comments within the output were stripped for some reason. Actual output: >> >>> $ oscap xccdf generate fix --result-id >>> xccdf_org.open-scap_testresult_stig-rhel6-server /tmp/stig-results.xml >>> #!/bin/bash >>> # OpenSCAP fix generator output for benchmark: DRAFT Guide to the >>> Secure Configuration of Red Hat Enterprise Linux 6 >>> >>> # generated: 2013-02-05T11:18:33-05:00 >>> # END OF SCRIPT >>> [shawn@rhel6 RHEL6]$ vim /tmp/stig-results.xml >>> [shawn@rhel6 RHEL6]$ oscap xccdf generate fix --result-id >>> xccdf_org.open-scap_testresult_stig-rhel6-server /tmp/stig-results.xml >>> #!/bin/bash >>> # OpenSCAP fix generator output for benchmark: DRAFT Guide to the >>> Secure Configuration of Red Hat Enterprise Linux 6 >>> >>> # XCCDF rule: install_aide >>> # CCE-27024-9 >>> yum install aide >>> >>> # generated: 2013-02-05T11:18:57-05:00 >>> # END OF SCRIPT >> >> _______________________________________________ >> scap-security-guide mailing list >> [email protected] >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > _______________________________________________ > scap-security-guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
