Viewing the profile files

On the CentOS machine, you'll see the profile files in the /usr/share/xml/scap/ssg/content/ directory. On the Ubuntu machine, you'll see what few profiles there are in the /usr/share/openscap/ directory. The profile files are in the .xml format, and each one contains one or more profiles that you can apply to the system:

[donnie@localhost content]$ pwd
/usr/share/xml/scap/ssg/content
[donnie@localhost content]$ ls -l
total 50596
-rw-r--r--. 1 root root 6734643 Oct 19 19:40 ssg-centos6-ds.xml
-rw-r--r--. 1 root root 1596043 Oct 19 19:40 ssg-centos6-xccdf.xml
-rw-r--r--. 1 root root 11839886 Oct 19 19:41 ssg-centos7-ds.xml
-rw-r--r--. 1 root root 2636971 Oct 19 19:40 ssg-centos7-xccdf.xml
-rw-r--r--. 1 root root 642 Oct 19 19:40 ssg-firefox-cpe-dictionary.xml
. . .
. . .
-rw-r--r--. 1 root root 11961196 Oct 19 19:41 ssg-rhel7-ds.xml
-rw-r--r--. 1 root root 851069 Oct 19 19:40 ssg-rhel7-ocil.xml
-rw-r--r--. 1 root root 2096046 Oct 19 19:40 ssg-rhel7-oval.xml
-rw-r--r--. 1 root root 2863621 Oct 19 19:40 ssg-rhel7-xccdf.xml
[donnie@localhost content]$

The command-line utility for working with OpenSCAP is oscap. We can use it with the info subcommand to view information about any of the profile files. Let's look at the ssg-centos7-xccdf.xml file:

[donnie@localhost content]$ sudo oscap info ssg-centos7-xccdf.xml
Document type: XCCDF Checklist
Checklist version: 1.1
Imported: 2017-10-19T19:40:43
Status: draft
Generated: 2017-10-19
Resolved: true
Profiles:
    standard
    pci-dss
    C2S
    rht-ccp
    common
    stig-rhel7-disa
    stig-rhevh-upstream
    ospp-rhel7
    cjis-rhel7-server
    docker-host
    nist-800-171-cui
Referenced check files:
    ssg-rhel7-oval.xml
        system: http://oval.mitre.org/XMLSchema/oval-definitions-5
    ssg-rhel7-ocil.xml
        system: http://scap.nist.gov/schema/ocil/2
    https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2
        system: http://oval.mitre.org/XMLSchema/oval-definitions-5
[donnie@localhost content]$

We can see that this file contains 11 different profiles that we can apply to the system. Among them, you see profiles for stig and pci-dss, just as we had for the auditing rules. And, if you're running Docker containers, the docker-host profile would be extremely handy.
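As an added example (not from the book), the shell functions below parse oscap info output in the layout shown above, so that a script can confirm a profile exists before using it and can spot referenced check files that are URLs rather than files in the local content directory. The function names and the abbreviated sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: helpers for `oscap info` output laid out as in the listing above.

# Constructed sample, abbreviated from the listing above.
sample_info() {
cat <<'EOF'
Document type: XCCDF Checklist
Status: draft
Profiles:
    standard
    pci-dss
    stig-rhel7-disa
    docker-host
Referenced check files:
    ssg-rhel7-oval.xml
        system: http://oval.mitre.org/XMLSchema/oval-definitions-5
    https://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2
        system: http://oval.mitre.org/XMLSchema/oval-definitions-5
EOF
}

# Print one profile ID per line, reading `oscap info` output on stdin.
list_profiles() {
    awk '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }   # tolerate any indentation
        /^Profiles:$/ { in_p = 1; next }
        /^[A-Za-z][A-Za-z ]*:$/ { in_p = 0 }           # next section header ends the list
        in_p && NF == 1 { print }
    '
}

# Print referenced check files that are URLs, i.e. content not on the local disk.
remote_checks() {
    awk '
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }
        /^Referenced check files:$/ { in_r = 1; next }
        in_r && /^system:/ { next }                    # schema line, not a file name
        in_r && /^[A-Za-z][A-Za-z ]*:$/ { in_r = 0 }
        in_r && /^https?:\/\// { print }
    '
}

# Succeed only when the exact profile ID given as $1 is present in the input.
has_profile() { list_profiles | grep -qxF -- "$1"; }

# Demo on the sample; on a real system: oscap info ssg-centos7-xccdf.xml | list_profiles
sample_info | list_profiles
sample_info | remote_checks
```

The exact match in has_profile means a partial name such as stig is rejected, which catches typos before a profile ID is used anywhere else.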
