Open mpreisler opened 9 years ago
Should this be available for XCCDF 1.1 input files? These can't be put into source datastreams, validation fails with them in.
Doing this for XCCDf 1.2 should be fairly easy but I am afraid not very useful. Most content providers seem to ship XCCDF 1.1 and OVAL separately and SDS with XCCDF 1.2 as an alternative. So for XCCDF 1.2 they already ship a datastream and for XCCDF 1.1 we can't simply create one without doing some sort of a conversion.
I would prefer not to give scap-workbench a new job of converting XCCDF from 1.1 to 1.2.
IMO effort is better spent on #7 if we want remove scanning for plain XCCDF 1.1 files. It's not a trivial ticket though.
Reply by Jan Lieskovsky: Hi Martin,
agree this one is alternative for #147 one. Either one of them to be implemented works for me(feel free to choose that one constituting less work). Basically the idea / sample use case is:
download sample 3-rd party content in the form of XCCDF + OVAL (but more generally don't care about the format the benchmark is provided in), try to scan remote system with that content.
USGCB content for RHEL-5 Desktop might serve as an example for such a request.
Thanks, Jan.
It seems like this issue and #50 should be merged?
Author of this ticket: Jan Lieskovsky (GitHub doesn't allow me to create it in his name)
scap-workbench can save the loaded content into various formats (e.g. 'Save into a directory', 'Save as RPM'). But since remote system scans doesn't support core XCCDF format as an input format, in case user obtains custom content (other than scap-security-guide which comes with datastream [DS] support) from some source, and want to use it for remote system scan, they aren't left with other option than just generate the datastream (DS) output by themselves, load the datastream into scap-workbench and perform remote system scan only with the modified / "datastream-ized" content.
For simplification & improvement of the user experience of scap-workbench's tool it would be brilliant if it could generate datastream output from content provided in the XCCDF format. E.g. support use case like the following:
Original trac ticket: https://fedorahosted.org/scap-workbench/ticket/259