Feature #14158
closed
Added by mattison ward over 8 years ago.
Updated over 6 years ago.
Description
Would it be possible to reference a tailoring file in the config so something like this could be run?
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_rht-ccp_tailored --tailoring-file tailored-rhel6.xml
This puppet module could be changed to deliver the tailoring file and to make it different based on OS/hostgroup, etc https://github.com/theforeman/puppet-foreman_scap_client
One option would be to have a second parameter for foreman_scap_client that was 'custom options' ($2 below) that would let one pass any oscap options to the command such as --tailoring-file or anything else.
oscap xccdf eval --profile $1 $2
- Project changed from 36 to OpenSCAP
- Triaged set to No
- Subject changed from tailoring file to Tailoring file support
- Target version set to 115
I think we could allow uploading tailoring files to Foreman and then allowing to select uploaded tailoring file on policy level. Since policies are normally applied per host group this should be enough. If different OSes needs different tailoring files, this would mean also different policies per OS but I think also XCCDF profiles are usually different for different OSes.
More technical things - tailoring file would have to be stored on OpenSCAP enabled proxy, foreman_scap_client would have to be able to detect it needs to download it from there. Therefore puppet module and ENC would require one more parameter - tailoring file.
- Target version changed from 115 to 1.4.4
- Status changed from New to Assigned
- Assignee set to Ondřej Pražák
- Status changed from Assigned to Ready For Testing
- Pull request https://github.com/theforeman/smart_proxy_openscap/pull/39 added
- Pull request https://github.com/theforeman/foreman_openscap/pull/225 added
- Target version changed from 1.4.4 to 1.10.1
- Pull request https://github.com/theforeman/foreman_openscap/pull/231 added
- Target version changed from 1.10.1 to 1.10.2
- Pull request deleted (
https://github.com/theforeman/foreman_openscap/pull/231)
- Pull request https://github.com/theforeman/puppet-foreman_scap_client/pull/31 added
- Pull request https://github.com/theforeman/foreman_scap_client/pull/18 added
- Translation missing: en.field_release set to 200
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
- Bugzilla link set to 1292510
- Status changed from Closed to Ready For Testing
- Target version changed from 1.10.2 to 1.11.4
- Pull request https://github.com/theforeman/foreman_scap_client/pull/19 added
foreman_scap_client version supporting this 0.3.0
- Target version changed from 1.11.4 to 1.12.1
- Status changed from Ready For Testing to Closed
smart_proxy_openscap 0.6.1
hammer_cli_foreman_openscap 0.1.3
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by