similar to: CentOS 7.3.1611 scap-security-guide issue

On 02/01/2017 10:15 AM, Micha? Jankowski wrote: > Hello, > > I have noticed that pci-dss profile, ssg-centos7-xccdf.xml will always fail > on test and remediation for disable_prelink rule. That seem to be caused by > insufficient CentOS RPM customization of upstream code. Specifically this: >

Hi - I?m running the OpenSCAP STIG profile on a new CentOS 7.1611 installation, and I get a few failures that look like this (output from openscap scan ?verbosity INFO). I suspect this is because the openscap module is not accepting CentOS 7 as RHEL 7 for rules purposes, despite an early check for "Community Enterprise Operating System 7? which succeeds. 1. Am I correct in why it?s

Hi CentOS experts,* Short Version* I would like to produce a weekly report in HTML for each CentOS 5.x server we have indicating configuration compliance with some industry benchmark. I am looking for a tool or tools to implement this, I am happy to use 3rd party proprietary stuff if necessary. * Long(er) Version* Current Situation.. I have a client with many (200x) CentOS 5.x servers

Hi, Today I tried to update my CentOS 7.5 with latest updates, but it fails to verify the signature of one of the packages: ... scap-security-guide noarch 0.1.36-9.el7.centos updates It seems like this RPM was signed with AltArch PowerPC key (see further down): Warning: /var/cache/yum/x86_64/7/updates/packages/scap-security-guide-0.1.36-9.el7.centos.noarch.rpm: Header V3

Hi Does Puppet support SCAP? If yes, how do you use it? If no, have you thought about it? Is it possible? Have you dismissed the idea completely? If it does support SCAP or will in the future, will the operating system be a factor, i.e. will it support both Linux and Windows? Thank you Kiki -- You received this message because you are subscribed to the Google Groups "Puppet Users"

CentOS Errata and Bugfix Advisory 2023:1099 Upstream details at : https://access.redhat.com/errata/RHBA-2023:1099 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: be9e5f7cee095463cb4d9b9f2109692cc190d7b3dd83fd149316ee244992293f scap-security-guide-0.1.66-1.el7.centos.noarch.rpm

CentOS Errata and Bugfix Advisory 2017:0390 Upstream details at : https://rhn.redhat.com/errata/RHBA-2017-0390.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 40a6d896657dfcb6b55835ba4f0a85ca5d12bee985544f34ae0a8eb0d9c95a45 scap-security-guide-0.1.30-5.el7.centos.noarch.rpm

CentOS Errata and Bugfix Advisory 2017:2933 Upstream details at : https://access.redhat.com/errata/RHBA-2017:2933 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 47e827de6c28edb1bf5538e0fa7b2eb106b3af06cb6c0f68871ccbe057572eb7 scap-security-guide-0.1.33-6.el7.centos.noarch.rpm

CentOS Errata and Bugfix Advisory 2018:2752 Upstream details at : https://access.redhat.com/errata/RHBA-2018:2752 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: d251d8b13aa211d2e9dbf2380d6ff8d7fbb9fbd49aff4af94527286d9829748c scap-security-guide-0.1.36-10.el7.centos.noarch.rpm

CentOS Errata and Bugfix Advisory 2019:0826 Upstream details at : https://access.redhat.com/errata/RHBA-2019:0826 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bb4c6463fd7698caadf8f2f4eefac7d6e7de514b58b23b1527ae4c24e8f087b0 scap-security-guide-0.1.40-13.el7.centos.noarch.rpm

Hi All, I noticed that a few years back, someone from Puppet Labs (well Reductive Labs at that time) reached out to the openscap list in an attempt to collaborate on puppet modules: https://www.redhat.com/archives/open-scap-list/2010-March/msg00000.html it seems like the aqueduct project is/was working on a similar ''harden through puppet modules'' approach:

https://bugzilla.mindrot.org/show_bug.cgi?id=1278 Jakub Jelen <jjelen at redhat.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|WONTFIX |--- Status|CLOSED |REOPENED CC| |jjelen

I think, this SIG would/should care about hardening CentOS itself as a system not a complete environment (proxies, firewalls, etc.) The examples of the opener show this. Something else could be integrity checking possibly. I imagine a tool/script that could apply hardening stuff. Regards Tim Am 22. April 2015 09:23:52 MESZ, schrieb Eero Volotinen <eero.volotinen at iki.fi>: >Sounds

Is the https://wiki.centos.org/TipsAndTricks/CentOSUpgradeTool still not recommend? Is there a expected time when it will be working? Thanks, Jerry

Hi, Can someone please point me to where I can find this early version of the IEEE802.1Qbg implementation? When I downloaded the 0.9.38 version of lldpad, it does not have the latest set of code mentioned below. Thanks. Arpit. -----Original Message----- From: virtualization-bounces at lists.linux-foundation.org [mailto:virtualization-bounces at lists.linux-foundation.org] On Behalf Of

Hi, Can someone please point me to where I can find this early version of the IEEE802.1Qbg implementation? When I downloaded the 0.9.38 version of lldpad, it does not have the latest set of code mentioned below. Thanks. Arpit. -----Original Message----- From: virtualization-bounces at lists.linux-foundation.org [mailto:virtualization-bounces at lists.linux-foundation.org] On Behalf Of

Hi, This set of patches contains the initial implementation of the IEEE 802.1Qbg standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI capabalities as well as VDP VSI TLVs between a host with virtual machines and an adjacent switch. It supports setting the parameters of the TLV exchange from the command line using lldptool. VDP profiles consisting of

Hi, This set of patches contains the initial implementation of the IEEE 802.1Qbg standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI capabalities as well as VDP VSI TLVs between a host with virtual machines and an adjacent switch. It supports setting the parameters of the TLV exchange from the command line using lldptool. VDP profiles consisting of

Hi, this set of patches contains the initial implementation of the IEEE 802.1Qbg standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI capabalities as well as VDP VSI TLVs between a host with virtual machines and an adjacent switch. It supports setting the parameters of the TLV exchange from the command line using lldptool. VDP profiles consisting of

Hi, this set of patches contains the initial implementation of the IEEE 802.1Qbg standard: code for the exchange of EVB TLVs in LLDP frames to negotiate VSI capabalities as well as VDP VSI TLVs between a host with virtual machines and an adjacent switch. It supports setting the parameters of the TLV exchange from the command line using lldptool. VDP profiles consisting of