On 10/31/13, 10:32 AM, Matthew Mariani wrote:
+ the attachment for #2
------------------------------------------------------------------------
*From: *"Matthew Mariani" <mmariani(a)redhat.com>
*To: *scap-security-guide(a)lists.fedorahosted.org
*Cc: *"Karl Stevens" <kstevens(a)redhat.com>
*Sent: *Thursday, October 31, 2013 10:30:37 AM
*Subject: *Additional Checks for RH Cloud Provider Profile (rht-ccp)
Hi SSG team,
For the CCP profile recently added, I would like to add new RHEL6
checks for the bullets below.
1. Cloud image disk checks - do these checks exist already?
a.) Minimum Disk - 6GB
b.) Available Disk - 4GB or more
2. Non-RH packages installed on the RHEL system - ** For this one,
on the open-scap-list, Danny Hynes provided the attached OVAL
definition, but I'm not sure how to build that into the rht-ccp
profile. Does anyone have an example?
Any guidance on how to proceed is appreciated.
Content creation docs are... limited. To start, check out Section 5 of
the workbook:
http://blog-shawndwells.rhcloud.com/wp-content/uploads/2013/07/SCAP-Works...
It will step you through a *very* basic rule creation, generating both
the XCCDF and OVAL, and should help you understand the linkage between
the two components.
As for disk space, do a find on "partition_item" here:
http://oval.mitre.org/language/version5.10.1/ovalsc/documentation/linux-s...
Notice the two extend options:
- space_used
- space_left
We should be able to create your #1 based off these.
As for non-RH packages, your attached OVAL is on par here. Do a search
for "rpm_info" on the URL above to get an idea of capabilities....
specifically the signature_keyid check!
So then, start with the workbook, and when your build fails, check the
spelling of "rational" vs rationale ;) Check back here when done & we'll
work out the OVAL checks.