>From 440572f256746f3e8acb225a784be3bb29ed2020 Mon Sep 17 00:00:00 2001 From: Shawn Wells <[email protected]> Date: Tue, 18 Feb 2014 12:26:37 -0500 Subject: [PATCH 0/3] Added datastream outputs for Fedora, RHEL7, RHEL6
SCAP datastreams allow for simplified SCAP content distribution, and also set us up for cryptographically signing the content. Additionally, our colleagues within SCAP Workbench and oscap-anaconda request datastreams for testing their content. This patch generates ssg-(fedora rhel7 rhel6)-ds.xml, which will include XCCDF, CPE, and OVAL content. This should be considered development preview; the RPM build and documentation has NOT been updated yet. Thank you to Alan Wylie for posting procedural guidance to the open-scap list! As he noted, profiles will now have new names when using the datastream: $ grep "<Profile" output/ssg-rhel6-ds.xml <Profile id="xccdf_org.ssgproject.content_profile_test"> <Profile id="xccdf_org.ssgproject.content_profile_CS2"> <Profile id="xccdf_org.ssgproject.content_profile_common"> <Profile id="xccdf_org.ssgproject.content_profile_server"> <Profile id="xccdf_org.ssgproject.content_profile_stig-rhel6-server-upstream"> <Profile id="xccdf_org.ssgproject.content_profile_usgcb-rhel6-server"> <Profile id="xccdf_org.ssgproject.content_profile_rht-ccp"> Additionally, the --cpe flag is no longer needed as it's included in the datastream: $ oscap xccdf eval \ --profile xccdf_org.ssgproject.content_profile_CS2 \ --report /tmp/ssg-report.html \ --results /tmp/ssg-results.xml \ output/ssg-rhel6-ds.xml Shawn Wells (3): Adding datastream output for RHEL6 Updated Fedora build process to generate datastream Added datastream output for RHEL7 Fedora/Makefile | 11 +++++++++++ RHEL/6/Makefile | 10 ++++++++++ RHEL/7/Makefile | 11 +++++++++++ 3 files changed, 32 insertions(+), 0 deletions(-)
_______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
