On 10/22/13, 10:17 AM, Vratislav Podzimek wrote:
On Thu, 2013-10-17 at 14:39 -0400, Steve Grubb wrote:
>On Friday, October 04, 2013 11:05:24 PM Shawn Wells wrote:
> >Augeas and puppet would be great, their downside is they don't ship
> >natively with RHEL Part of the goal is to enable the remediation with
> >native tooling first.
>
>Right. I'd also like to highlight the openscap integration with Anaconda which
>is coming in RHEL7. The intention is that from anaconda you'll be able to
>select the security policy and in the post install phase it will remediate the
>system so that its in configuration from the first install.
The openscap integration Anaconda addon [1] is now being packaged [2]
for the Fedora distribution. Once there is a package, composes can be
made by lorax (the tool creating installation DVDs, etc.) for testing
purposes or as some sort of a Fedora spin.
But however the code may be ready, we don't have any content. And I'm
afraid the same applies to RHEL7 where we could provide a way for
testing, we could even make the addon available by default, but without
any content it would be useless.
[1]https://fedorahosted.org/oscap-anaconda-addon
[2]https://bugzilla.redhat.com/show_bug.cgi?id=1021485
Fedora 20 alpha packages @
http://koji.fedoraproject.org/koji/buildinfo?buildID=472985
F19/20 and EPEL6 packages should hit soon (matter of days). Through
Jan's mentoring, we were able to run a test EPEL-6 build earlier today:
http://koji.fedoraproject.org/koji/buildinfo?buildID=473841
In regards to RHEL7... we're only waiting for _public_ alpha & beta at
this point (so the community can start generating content). Needless to
say, there WILL be content -- this feature is one of the most talked
about within RH Public Sector. Many, many customers and community
members are drooling at the mouth for your SCAP/Anaconda integration to
hit RHEL!
_______________________________________________
scap-security-guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
