GabeThanks,Please note that I believe that ssg-centos6-cpe-dictionary.xml is not being built with SSG. OpenSCAP is here: https://github.com/openscap/openscap and the announcement here: So I believe all that needs to be done is:When you run the XCCDF, you have to specify the CentOS XCCDF like below:You can download and build the SSG content from https://github.com/OpenSCAP/scap-security-guideHey Bond,As of SCAP Security Guide release 0.1.23, CentOS content is now available (any older version will require tweaking). See the announcement here: https://lists.fedorahosted.org/pipermail/scap-security-guide/2015-June/006462.html
# oscap xccdf eval --profile stig-rhel6-server-upstream \
--results /tmp/`hostname`-ssg-results.xml \
--report /tmp/`hostname`-ssg-results.html \
--cpe /usr/share/xml/scap/ssg/content/ssg-centos6-cpe-dictionary.xml \
/usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml
# oscap xccdf eval --profile stig-rhel6-server-upstream \
--results /tmp/`hostname`-ssg-results.xml \
--report /tmp/`hostname`-ssg-results.html \
/usr/share/xml/scap/ssg/content/ssg-centos6-xccdf.xml
On Tue, Jun 30, 2015 at 3:56 PM, Bond Masuda <bond.masuda@hexadiam.com> wrote:
Hello,
Is there a guide on how to use the RHEL SCAP content for CentOS? When I
try to use it, I get a lot of "Result: notapplicable". What needs to be
done?
I'm using it with OpenSCAP per the manual:
# oscap xccdf eval --profile stig-rhel6-server-upstream \
--results /tmp/`hostname`-ssg-results.xml \
--report /tmp/`hostname`-ssg-results.html \
--cpe /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-dictionary.xml \
/usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml
TIA,
-Bond
--
SCAP Security Guide mailing list
scap-security-guide@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/