How do I get GovReady/OpenSCAP running on version X of AWS (or CentOS) Linux?

GovReady / govready

Toolkit for getting open source apps ready for secure, approved government use

GNU General Public License v3.0

97 stars 31 forks source link

How do I get GovReady/OpenSCAP running on version X of AWS (or CentOS) Linux? #87

Open gregelin opened 8 years ago

gregelin commented 8 years ago

I want to run GovReady and OpenSCAP and SCAP-Security-Guide on Amazon Linux (or CentOS), but all the results come back "not applicable". How do I fix that?

gregelin commented 8 years ago

This is a common question. The fix is straightforward, but the explanation--and future proofing the fix--gets confusing.

The fix is to change a few lines in SCAP-Security-Guide's SCAP content file /usr/share/xml/scap/ssg/content/ssg-rhel6-cpe-oval.xml telling OpenSCAP to accept the OVAL schema and OVAL tests we are running will work on particular Linux operating system.

bkruger99 commented 7 years ago

Found this: http://www.redhat.com/archives/spacewalk-list/2014-November/msg00007.html To make it work on Centos 6.

AWS Linux still requires more work.

gregelin commented 7 years ago

@bkruger99 Thanks for the link!

bkruger99 commented 7 years ago

Also added a spec file in #45 .. Just need to get policy files and we're probably good to go. I'll try bugging AWS to see if something can get on their roadmap..