Differences

This shows you the differences between two versions of the page.

--- linux:compliance_cis [2024/09/20 09:32]
manu
+++ linux:compliance_cis [2025/06/25 16:45] (current)
manu
@@ Line 12: / Line 12: @@
 Generate a result file and a html report using OpenSCAP scanner tool, CIS Benchmark version 1.0.0
   oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis --results scan_results.xml --report scan_report.html /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml
+<cli>
+# oscap xccdf eval --report report.html --profile ospp /usr/share/xml/scap/ssg/content/ssg-rhel8-ds-1.2.xml
+--- Starting Evaluation ---
+Title   Install AIDE
+Rule    xccdf_org.ssgproject.content_rule_package_aide_installed
+Ident   CCE-80844-4
+Result  fail
+Title   Enable Dracut FIPS Module
+Rule    xccdf_org.ssgproject.content_rule_enable_dracut_fips_module
+Ident   CCE-82155-3
+Result  fail
+Title   Enable FIPS Mode
+Rule    xccdf_org.ssgproject.content_rule_enable_fips_mode
+Ident   CCE-80942-6
+Result  fail
+Title   Install crypto-policies package
+Rule    xccdf_org.ssgproject.content_rule_package_crypto-policies_installed
+Ident   CCE-82723-8
+Result  pass
+Title   Configure BIND to use System Crypto Policy
+Rule    xccdf_org.ssgproject.content_rule_configure_bind_crypto_policy
+Ident   CCE-80934-3
+Result  notapplicable
+...
+</cli>

wiki