Advertise path to SSG in remediation scripts

[jan-cerny]

We have now a header in remediation scripts:

    3 # Bash remediation role for profile xccdf_org.ssgproject.content_profile_pci-dss
    4 # Profile Title:  PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7
    5 # Profile Description:  This is a *draft* profile for PCI-DSS v3.
    6 #
    7 # Benchmark ID:  xccdf_org.ssgproject.content_benchmark_RHEL-7
    8 # Benchmark Version:  0.1.33
    9 #
   10 # XCCDF Version:  1.2
   11 #
   12 # This file was generated by OpenSCAP 1.2.15 using:
   13 #   $ oscap xccdf generate fix --profile xccdf_org.ssgproject.content_profile_pci-dss sds.xml 
   14 #

It would be nice to have a REAL path in the command on line 13, instead of sds.xml.

We think that people can download the scripts from the internet, so that way they can find that SSG exists on their system somewhere in /usr/share. (Of course this should work for any path.)

Unfortunately, it is not feasible to do this is maint-1.2 branch without breaking API. Thanks @kjankov for investigating this.

I'm opening this issue so that we can implement this issue when we will work on OpenSCAP 1.3.

[evgenyz]

@jan-cerny Can we do it now without breaking API? Or it should be moved to 1.4? Or dropped?

[jan-cerny]

AFAIK this part of API hasn't changed so it should be either moved to future or dropped.

It would be a nice UX improvement, but it isn't causing any problems.

[evgenyz]

Fixed in https://github.com/OpenSCAP/openscap/pull/2136.