mpreisler
commented
9 years ago Should this be available for XCCDF 1.1 input files? These can't be put into source datastreams, validation fails with them in.
Doing this for XCCDf 1.2 should be fairly easy but I am afraid not very useful. Most content providers seem to ship XCCDF 1.1 and OVAL separately and SDS with XCCDF 1.2 as an alternative. So for XCCDF 1.2 they already ship a datastream and for XCCDF 1.1 we can't simply create one without doing some sort of a conversion.
I would prefer not to give scap-workbench a new job of converting XCCDF from 1.1 to 1.2.
IMO effort is better spent on #7 if we want remove scanning for plain XCCDF 1.1 files. It's not a trivial ticket though.
dfc
Author of this ticket: Jan Lieskovsky (GitHub doesn't allow me to create it in his name)
scap-workbench can save the loaded content into various formats (e.g. 'Save into a directory', 'Save as RPM'). But since remote system scans doesn't support core XCCDF format as an input format, in case user obtains custom content (other than scap-security-guide which comes with datastream [DS] support) from some source, and want to use it for remote system scan, they aren't left with other option than just generate the datastream (DS) output by themselves, load the datastream into scap-workbench and perform remote system scan only with the modified / "datastream-ized" content.
For simplification & improvement of the user experience of scap-workbench's tool it would be brilliant if it could generate datastream output from content provided in the XCCDF format. E.g. support use case like the following:
Original trac ticket: https://fedorahosted.org/scap-workbench/ticket/259