On 12/18/13, 11:39 AM, Simon Lukasik wrote:
You can then verify the fix by running:
$ oscap xccdf generate fix \
--output my-fixes.xml
--profile usgcb-rhel6-server \
--template urn:xccdf:fix:script:sh \
./scap-security-guide/RHEL6/dist/content/ssg-rhel6-xccdf.xml
No need to run it on a system. Nor sed.
Incredibly handy! Two things:
(1) On OpenSCAP 0.9.12-1, the output file is chmod'd to 100. Could this
be something more reasonable -- such as inheriting the umask value, or
perhaps 500, as this will be a script to execute?
(2) The output file does not include any of the CCE information. Is
there a way to have this included (happy to open an RFE if needed)?
_______________________________________________
scap-security-guide mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
