I'm without laptop for most of the day. If you're still working, would you be able to add the DS into rhel6 rpm and kickoff a build? If not, I can late tonight (US eastern time).
-- Shawn Wells Director, Innovation Programs [email protected] | 443.534.0130 @shawndwells > On Feb 20, 2014, at 11:06 AM, Jan Lieskovsky <[email protected]> wrote: > > ----- Original Message ----- >> From: "Shawn Wells" <[email protected]> >> To: [email protected] >> Sent: Wednesday, February 19, 2014 10:36:56 PM >> Subject: Re: [PATCH 0/3] Added datastream outputs for Fedora, RHEL7, RHEL6 >> >> On 2/18/14, 12:31 PM, Shawn Wells wrote: >> >> >> >> 0000-cover-letter.patch >> From 440572f256746f3e8acb225a784be3bb29ed2020 Mon Sep 17 00:00:00 2001 >> From: Shawn Wells <[email protected]> Date: Tue, 18 Feb 2014 12:26:37 -0500 >> Subject: [PATCH 0/3] Added datastream outputs for Fedora, RHEL7, RHEL6 >> >> SCAP datastreams allow for simplified SCAP content distribution, and also set >> us up for cryptographically signing >> the content. Additionally, our colleagues within SCAP Workbench and >> oscap-anaconda request datastreams for testing >> their content. >> >> This patch generates ssg-(fedora rhel7 rhel6)-ds.xml, which will include >> XCCDF, CPE, and OVAL content. This should >> be considered development preview; the RPM build and documentation has NOT >> been updated yet. >> >> Thank you to Alan Wylie for posting procedural guidance to the open-scap >> list! As he noted, profiles will now have >> new names when using the datastream: >> >> $ grep "<Profile" output/ssg-rhel6-ds.xml >> <Profile id="xccdf_org.ssgproject.content_profile_test"> >> <Profile id="xccdf_org.ssgproject.content_profile_CS2"> >> <Profile id="xccdf_org.ssgproject.content_profile_common"> >> <Profile id="xccdf_org.ssgproject.content_profile_server"> >> <Profile >> id="xccdf_org.ssgproject.content_profile_stig-rhel6-server-upstream"> >> <Profile id="xccdf_org.ssgproject.content_profile_usgcb-rhel6-server"> >> <Profile id="xccdf_org.ssgproject.content_profile_rht-ccp"> >> >> Additionally, the --cpe flag is no longer needed as it's included in the >> datastream: >> $ oscap xccdf eval \ >> --profile xccdf_org.ssgproject.content_profile_CS2 \ >> --report /tmp/ssg-report.html \ >> --results /tmp/ssg-results.xml \ >> output/ssg-rhel6-ds.xml >> >> >> >> Shawn Wells (3): >> Adding datastream output for RHEL6 >> Updated Fedora build process to generate datastream >> Added datastream output for RHEL7 >> >> Fedora/Makefile | 11 +++++++++++ >> RHEL/6/Makefile | 10 ++++++++++ >> RHEL/7/Makefile | 11 +++++++++++ >> 3 files changed, 32 insertions(+), 0 deletions(-) >> >> Pushed set per Jan's ack > > Thanks, Shawn. Would it be possible to make a new RHEL-6 rpm version bump too > and upload it to hosting service? (I would like to enhance Fedora's rpm > to include datastreams for both of RHEL-6 and RHEL-7 so it would be > possible from Fedora host to scan RHEL-{6,7} guests / remote systems too) > > The motivation behind having remote RHEL-{6,7} system scans possibility > is to provide chance content to be more widely used / tested without the > need to install it explicitly on each of the remote system scheduled to be > scanned (vision being: more wider easier usage => more sooner bug reports > => higher chance to fix them very soon). > > Thank you && Regards, Jan. > -- > Jan iankko Lieskovsky / Red Hat Security Technologies Team > >> >> -- >> Shawn Wells >> Director, Innovation Programs [email protected] | 443.534.0130 >> @shawndwells >> >> _______________________________________________ >> scap-security-guide mailing list >> [email protected] >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide >> _______________________________________________ scap-security-guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
