On 6/1/13 5:20 PM, Shawn Wells wrote:
From d43b1d02d295afdbf954af076668843845ae4325 Mon Sep 17 00:00:00 2001 From: Shawn Wellsshawn@redhat.com Date: Sat, 1 Jun 2013 17:11:16 -0400 Subject: [PATCH 4/4] Created service_*_disabled remediation scripts
- Generated from template
Just to ensure things showup properly during script gen: oscap xccdf eval --profile stig-rhel6-server --cpe ssg-rhel6-cpe-dictionary.xml --results /var/www/html/results/results.xml --report /var/www/html/report.html ssg-rhel6-xccdf.xml; oscap xccdf generate fix --result-id xccdf_org.open-scap_testresult_stig-rhel6-server /var/www/html/results/results.xml ....
chkconfig --level 0123456 autofs off
service autofs stop
.....
comments get stripped from my email2list script... here's the full output of script generation:
#!/bin/bash # OpenSCAP fix generator output for benchmark: Guide to the Secure Configuration of Red Hat Enterprise Linux 6
# Generating fixes for all failed rules in test result 'xccdf_org.open-scap_testresult_stig-rhel6-server'.
# XCCDF rule: service_autofs_disabled # CCE-26976-1
# # Disable autofs for all run levels # chkconfig --level 0123456 autofs off
# # Stop autofs if currently running # service autofs stop
I'm confused. So remediation content into Scap? Not what was discussed on the Aqueduct call yesterday?
Sent from my Verizon Wireless 4G LTE Smartphone
-------- Original message -------- From: Shawn Wells shawn@redhat.com Date: 06/01/2013 2:22 PM (GMT-08:00) To: scap-security-guide@lists.fedorahosted.org Subject: Re: [PATCH 4/4] Created service_*_disabled remediation scripts
On 6/1/13 5:20 PM, Shawn Wells wrote:
From d43b1d02d295afdbf954af076668843845ae4325 Mon Sep 17 00:00:00 2001
From: Shawn Wells shawn@redhat.commailto:shawn@redhat.com Date: Sat, 1 Jun 2013 17:11:16 -0400 Subject: [PATCH 4/4] Created service_*_disabled remediation scripts - Generated from template
Just to ensure things showup properly during script gen: oscap xccdf eval --profile stig-rhel6-server --cpe ssg-rhel6-cpe-dictionary.xml --results /var/www/html/results/results.xml --report /var/www/html/report.html ssg-rhel6-xccdf.xml; oscap xccdf generate fix --result-id xccdf_org.open-scap_testresult_stig-rhel6-server /var/www/html/results/results.xml ....
chkconfig --level 0123456 autofs off
service autofs stop
.....
comments get stripped from my email2list script... here's the full output of script generation:
#!/bin/bash # OpenSCAP fix generator output for benchmark: Guide to the Secure Configuration of Red Hat Enterprise Linux 6
# Generating fixes for all failed rules in test result 'xccdf_org.open-scap_testresult_stig-rhel6-server'.
# XCCDF rule: service_autofs_disabled # CCE-26976-1
# # Disable autofs for all run levels # chkconfig --level 0123456 autofs off
# # Stop autofs if currently running # service autofs stop
On 6/1/13 5:22 PM, Shawn Wells wrote:
On 6/1/13 5:20 PM, Shawn Wells wrote:
From d43b1d02d295afdbf954af076668843845ae4325 Mon Sep 17 00:00:00 2001 From: Shawn Wellsshawn@redhat.com Date: Sat, 1 Jun 2013 17:11:16 -0400 Subject: [PATCH 4/4] Created service_*_disabled remediation scripts
- Generated from template
Just to ensure things showup properly during script gen: oscap xccdf eval --profile stig-rhel6-server --cpe ssg-rhel6-cpe-dictionary.xml --results /var/www/html/results/results.xml --report /var/www/html/report.html ssg-rhel6-xccdf.xml; oscap xccdf generate fix --result-id xccdf_org.open-scap_testresult_stig-rhel6-server /var/www/html/results/results.xml ....
chkconfig --level 0123456 autofs off
service autofs stop
.....
comments get stripped from my email2list script... here's the full output of script generation:
#!/bin/bash # OpenSCAP fix generator output for benchmark: Guide to the Secure Configuration of Red Hat Enterprise Linux 6
# Generating fixes for all failed rules in test result 'xccdf_org.open-scap_testresult_stig-rhel6-server'.
# XCCDF rule: service_autofs_disabled # CCE-26976-1
# # Disable autofs for all run levels # chkconfig --level 0123456 autofs off
# # Stop autofs if currently running # service autofs stop
bump
ack/nack?
note this is meant to provide examples of templates, prepping for a larger remediation effort once OVAL is complete
scap-security-guide@lists.fedorahosted.org
-
Shawn Wells -
Shawn Wells -
Vincent Passaro