On 02/02/2017 12:13 PM, Steve Poe wrote:
I am reading about the ability to scan my images for known vulnerabilities.
On the Atomic host I created, I updated /etc/atomic.conf file and added
the line:
'default_scanner: openscap'
However, the change does not work for me:
atomic scan --list
There are no scanners configured for this system.
What am I doing wrong?
CAH info:
centos-atomic-continuous:centos-atomic-host/7/x86_64/devel/alpha
Version: 7.2017.15 (2017-01-31 00:49:10)
I don't think the 'atomic scan' command will work right out of the box with just that configuration.
You'll need to specify a scanner definition in '/etc/atomic.d/' like shown here:
https://github.com/projectatomic/atomic/blob/master/atomic.d/openscap That should get you going in the right direction.