[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] No Openscap for Fedora Atomic?



On 06/27/2016 06:32 PM, Josh Berkus wrote:
Folks,

Unlike RHEL and CentOS, Fedora Atomic seems to be missing the Openscap
service required to run atomic scan.  What's involved in getting this
added in?


I don't believe OpenSCAP is included in either RHEL or CentOS AH (see below).

I believe the way to get started with OpenSCAP is with a container:

https://hub.docker.com/r/openscap/openscap-daemon-f23/


This is the prescribed method for the RHEL AH hosts, combined with 'atomic scan':

https://access.redhat.com/errata/RHEA-2016:1327


-Micah


-bash-4.2# rpm-ostree status
TIMESTAMP (UTC) VERSION ID OSNAME REFSPEC * 2016-04-04 21:25:34 7.20160404 e39c28570a centos-atomic-host centos-atomic-host:centos-atomic-host/7/x86_64/standard

GPG: Found 1 signature on the booted deployment (*):

Signature made Mon 04 Apr 2016 09:33:10 PM UTC using RSA key ID F17E745691BA8335
  Good signature from "CentOS Atomic SIG <security centos org>"
-bash-4.2# rpm -qa | grep openscap
-bash-4.2#


-bash-4.2# rpm-ostree status
TIMESTAMP (UTC) VERSION ID OSNAME REFSPEC * 2016-06-06 18:12:07 7.2.5 4bf265cf86 rhel-atomic-host rhel-atomic-host-ostree:rhel-atomic-host/7/x86_64/standard
-bash-4.2# rpm -qa | grep openscap
-bash-4.2#


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]