For rule id: ensure_redhat_gpgkey_installed, it appears to be looking for /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release. I'm sure this works fine for RHEL, but the CentOS content also references this same test, which will fail since it should be looking for /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 instead. Perhaps a slightly modified version of the test is necessary for the various derivatives of RHEL like CentOS?
-Bond
This is true. Most likely the same for Scientific Linux. Would you mind opening a ticket on github?
On Thu, Jul 30, 2015 at 2:40 PM, Bond Masuda bond.masuda@hexadiam.com wrote:
For rule id: ensure_redhat_gpgkey_installed, it appears to be looking for /etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release. I'm sure this works fine for RHEL, but the CentOS content also references this same test, which will fail since it should be looking for /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 instead. Perhaps a slightly modified version of the test is necessary for the various derivatives of RHEL like CentOS?
-Bond
SCAP Security Guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
scap-security-guide@lists.fedorahosted.org
-
Bond Masuda -
Gabe Alford