Re: New report and guide in openscap 1.1.0

Mon, 01 Sep 2014 07:05:12 -0700 

This took a bit longer to process and fix.

----- Original Message -----
> From: "Jan Lieskovsky" <jlies...@redhat.com>
> To: "Martin Preisler" <mprei...@redhat.com>
> Cc: "SCAP Security Guide" <scap-security-guide@lists.fedorahosted.org>
> Sent: Friday, August 29, 2014 10:52:44 AM
> Subject: Re: New report and guide in openscap 1.1.0
> 
> Hello Martin,
> 
>   thank you for the preview of the new look / functionality.
> 
> Couple of points for the report case (not sure they have been mentioned
> already):
> 1) Text under Characteristics paragraph:
> 
>    " User root started the evaluation at 2014-08-28T16:44:12.
>      Evaluation finished at 2014-08-28T16:50:10. The target machine was
>      called localhost.localdomain.
> 
>      Benchmark from /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml was
>      used. Profile usgcb-rhel6-server was selected."
> 
> Might it look better when organized into a table (example below)?
> 
>   Evaluation Run:
> 
>     Performed by:            root
>     Started:                 2014-08-28T16:44:12  \  here maybe also split
>     Y-M-D with space from H-M-S?
>     Finished:                2014-08-28T16:50:10  /
>     Target (of Evaluation):  localhost.localdomain
>     Benchmark Location:
>     /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
>     Evaluated Profile:       usgcb-rhel6-server

Fixed, see 4cc9cdc5f33c6d74c85498d29b7cdb6b0d265700

> 2) Regarding colours - non-consistence in colour shades in "Compliance and
> Scoring"
>    vs "Rule Overview" section. Would it be possible to merge the shades? (IOW
>    use just
>    one shade of red, green, gray, orange, etc. across the document)

Fixed, see 1f72e5e3c3e3fad4b0d0b02558dafaa818085682

> 
> 3) Missing the "Rule overview" & "Rule details" anchors (they were present in
> previous
>    version). Reasoning "Rule overview" isn't displayed when displaying top of
>    the page.
>    Would it be possible to have "Rule overview" anchor in the top panel to be
>    able quickly
>    to navigate there?
> 
>    Ad "Rule details" -- since they aren't displayed by default, having "Rule
>    details"
>    anchor would either enable the "Show all result details" button (the page
>    display would
>    behave after clicking "Rule details" like the "Show all result details"
>    button was clicked +
>    the top of the page would be navigated to the start of the details table)

I don't see any reason to include those. If you want this behavior, disable
JavaScript and reload the report. I think it's inferior to the modal dialogs.

> 4) Rule titles aren't displayed in the colour of the result -- not sure we
> want this, but
>    could you possibly provide preview of a case, where passed rules titles
>    would be coloured
>    out in green (same colour as the bounding box has around the rule result),
>    unknown state
>    rule titles would be in orange, notchecked rule titles in gray etc.

Correct, I highlight rules that need attention. All other rules have plain
color. I don't want to make the report even more colorful than it is :-)

Sorry but I do not have time to do this, patches are welcome of course.

> 5) Regarding the "Result Details" table - generally looks fine, but sometimes
> the inner
>    rule description is larger than the outside red coloured table. Example of
>    the rule:
>    "Verify and Correct File Permissions with RPM"
> 
>    The inner table spans out of the red coloured bounding box. Would it be
>    possible either
>    to reduce the inner table or enlarge the outer bounding box?

I made the check-system-details div scroll when overflowing, see
e4d6b3a2476f0487319127d56fbc338832585b42

Done the same for remediation fixes in cd68636eb9dde7a5d00dc8b5830d95015cc8d667

> 6) (I think) from the current layering the particular OVAL check test comment
> (often clarifying
>    the requirement) might not be immediately visible / noticeable:
> 
> 
>    Example (current output):
> 
>    OVAL details
>                                                          nosuid on /dev/shm
>    mount point        device  uuid    fs type mount options   mount options   
> mount options
>       total space     space used      space left
>   /dev/shm    tmpfs           tmpfs   rw      seclabel        relatime        
> 128830  57      128773
> 
>   Here the first row table header ("nosuid on /dev/shm") is that comment.
>   Would it be possible to
>   highlight it somehow? E.g.
> 
>   OVAL details
> 
>                  Requirement:                  nosuid on /dev/shm
> 
>                  (Evaluated) System status:
>   mount point    device     uuid  ...
>   ...                             ...
> 
>   Or use at least bold font for the "nosuid on /dev/shm" OVAL comment.

See 75f5f4f316a7d3cab582e5c9a09f8f89f103e24e

It now says "Items violating {OVAL test}:" because that's exactly what we are
showing there.

> Otherwise I think in general the output is very nice. Should I notice other
> points will share them yet.

Looking forward to that.

-- 
Martin Preisler
-- 
SCAP Security Guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/

Reply via email to