ssg-el8-kickstart

[foresthus]

Hi, will there be a solution for Redhat8?

[fcaviggia]

Eventually, I haven't had a lot of time to maintain this...

[fcaviggia]

Targeting RHEL 8.1 - there needs to be a NIAP (https://www.niap-ccevs.org/) and Common Criteria evaluation to be officially used for national security systems (NSS).

[foresthus]

So I will wait for more informations. thnx

[fcaviggia]

One thing I'd like to do is unify the CentOS and RHEL install process so they are treated the same - I'm also making the kickstart script modular to change out items for static (no-interaction) and GUI (interactive) installations. Still waiting on CentOS 8 to come out...

[fcaviggia]

Looks like CentOS 8 is coming out 24 September - I'll probably start work on it then.

[TidyData]

Big day for 8.1 is here, appreciate your work for these kickstarts. Looking forward to 8.1 : )

[fcaviggia]

I'll finally have some down time to work on side project over the next two weeks - trying to get this done over the break.

[agit05]

Hi Frank, Any update about the ssg-el8-kickstart? I think for RHEL8 we can use one of the scap profiles (eg. ccdf_org.ssgproject.content_profile_standard), since DISA STIG is still in draft mode. Cheers.

[fcaviggia]

I downloaded RHEL 8.2 - I'm just barley getting time to work on it - I have bigger issues that I'm dealing with right now.

[agit05]

Ok, trying to help out if possible, I made some adjustment to use the rhel8 image, but I am having small issues with loading of the menu.py after the boot sequence, I know display manager changed, but I am not sure if is crashing before loading it or not. Will continue to investigate.

[agit05]

May it be that because python is not installed by default the menu.py will not run by default out of the box, so a different approach is needed. Probably kickstarting the install and applying the SCAP profile as described in https://github.com/RedHatGov/rhel8-stig-latest

[mithusingh32]

@agit05 Anaconda is using python3. I think the issue is the menu.py has python2 code which does not work with python3.

Currently, I made a text-based menu option that applies the STIG via shell script.

[nlandas]

I downloaded RHEL 8.2 - I'm just barley getting time to work on it - I have bigger issues that I'm dealing with right now.

We really appreciate your work on the ssg-elX-kickstart project. Have you had an opportunity to advance the project for RHEL 8.2? Thanks.

[fcaviggia]

I haven't had time to work on CentOS 8 - the major reason is the Dual Layer DVD and re-write to support pyhton3 requirements. I've generally just embedded customized kickstarts and packages on the DVD if I make something custom. I'm doing a lot of standards and cross domain work these days - I haven't had a lot of time to play due to work and life.

[gsrutkowski]

Rather than re-write menu.py for python3, I injected python2.7 and the necessary libraries into the rootfs.img inside the /images/install.img SquashFS. the menu works, and everything seems to install correctly minus a few missing packages on the RHEL8 DVD (screen and pam_pkcs11 being the most memeorable).
whether by intention or not, the config/ directory setup has been beautiful: everything inside is copied into the finished ISO and overwrites what was on the original disks, making it VERY easy to replace .img files and such.