[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] No Openscap for Fedora Atomic?

From: Micah Abbott <miabbott redhat com>
To: Josh Berkus <jberkus redhat com>, atomic-devel <atomic-devel projectatomic io>
Subject: Re: [atomic-devel] No Openscap for Fedora Atomic?
Date: Tue, 28 Jun 2016 09:41:42 -0400

On 06/27/2016 06:32 PM, Josh Berkus wrote:

Folks,

Unlike RHEL and CentOS, Fedora Atomic seems to be missing the Openscap
service required to run atomic scan.  What's involved in getting this
added in?

I don't believe OpenSCAP is included in either RHEL or CentOS AH (seebelow).


I believe the way to get started with OpenSCAP is with a container:

https://hub.docker.com/r/openscap/openscap-daemon-f23/

This is the prescribed method for the RHEL AH hosts, combined with'atomic scan':


https://access.redhat.com/errata/RHEA-2016:1327


-Micah


-bash-4.2# rpm-ostree status

TIMESTAMP (UTC) VERSION ID OSNAMEREFSPEC* 2016-04-04 21:25:34 7.20160404 e39c28570acentos-atomic-hostcentos-atomic-host:centos-atomic-host/7/x86_64/standard


GPG: Found 1 signature on the booted deployment (*):

Signature made Mon 04 Apr 2016 09:33:10 PM UTC using RSA key IDF17E745691BA8335

  Good signature from "CentOS Atomic SIG <security centos org>"
-bash-4.2# rpm -qa | grep openscap
-bash-4.2#


-bash-4.2# rpm-ostree status

TIMESTAMP (UTC) VERSION ID OSNAMEREFSPEC* 2016-06-06 18:12:07 7.2.5 4bf265cf86 rhel-atomic-hostrhel-atomic-host-ostree:rhel-atomic-host/7/x86_64/standard

-bash-4.2# rpm -qa | grep openscap
-bash-4.2#

Follow-Ups:
- Re: [atomic-devel] No Openscap for Fedora Atomic?
  - From: Brent Baude

References:
- [atomic-devel] No Openscap for Fedora Atomic?
  - From: Josh Berkus

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]