Open matusmarhefka opened 6 years ago
I can think of two solutions for this issue:
atomic help
command to print all supported datastreams and profiles.oscapd-evaluate
will select the corresponding datastream file and it will print the required info). There might be a problem when scanning multiple images/containers at once (using --images
or --all
) - in this case we would not print info and rather scan all images with profile selected by user.Maybe atomic help could print a table, where rows would be unique profile IDs. Example
Available profiles and their applicability
==========================================
Profile ID | Fedora | EL7 | EL6 |
===================================
pci-dss | | X | X |
common | X | X | X |
cjis | | X | |
...
...
@jan-cerny I like the idea with table.
When scanning for configuration compliance using atomic scan user has no easy way how to find out what datastreams and profiles are supported (bundled inside the openscap container image).
The issue is partialy fixed by added support for
atomic help
command which at least prints the version of bundled scap-security-guide inside the openscap container image (PR https://github.com/OpenSCAP/openscap-daemon/pull/118).