Thanks for that! I can't help wondering if people have considered separating CentOS and SL so that they can be treated individually without a lot of workarounds? Given that the rules and the checks are already centralized in linux_os (I think), it seems like there wouldn't be too much duplication, though I the nice thing about the derivatives is that a change in RHEL automatically gets propagated to the derivatives.
Alternatively, I wonder why it was decided to remove profiles like OSPP from CentOS? Of course, no CentOS system could meet all of those criteria (like the need for commercial support), but it seems like that's a user decision, and it's much easier to de-select one rule than to hack the logic that pulls profiles out. Just some early morning thoughts, though! Tim _______________________________________________ scap-security-guide mailing list -- scap-security-guide@lists.fedorahosted.org To unsubscribe send an email to scap-security-guide-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/scap-security-guide@lists.fedorahosted.org
