This took a bit longer to process and fix.
----- Original Message -----
From: "Jan Lieskovsky" jlieskov@redhat.com To: "Martin Preisler" mpreisle@redhat.com Cc: "SCAP Security Guide" scap-security-guide@lists.fedorahosted.org Sent: Friday, August 29, 2014 10:52:44 AM Subject: Re: New report and guide in openscap 1.1.0
Hello Martin,
thank you for the preview of the new look / functionality.
Couple of points for the report case (not sure they have been mentioned already):
Text under Characteristics paragraph:
" User root started the evaluation at 2014-08-28T16:44:12. Evaluation finished at 2014-08-28T16:50:10. The target machine was called localhost.localdomain.
Benchmark from /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml was used. Profile usgcb-rhel6-server was selected."
Might it look better when organized into a table (example below)?
Evaluation Run:
Performed by: root Started: 2014-08-28T16:44:12 \ here maybe also split Y-M-D with space from H-M-S? Finished: 2014-08-28T16:50:10 / Target (of Evaluation): localhost.localdomain Benchmark Location: /usr/share/xml/scap/ssg/content/ssg-rhel6-xccdf.xml Evaluated Profile: usgcb-rhel6-server
Fixed, see 4cc9cdc5f33c6d74c85498d29b7cdb6b0d265700
- Regarding colours - non-consistence in colour shades in "Compliance and
Scoring" vs "Rule Overview" section. Would it be possible to merge the shades? (IOW use just one shade of red, green, gray, orange, etc. across the document)
Fixed, see 1f72e5e3c3e3fad4b0d0b02558dafaa818085682
- Missing the "Rule overview" & "Rule details" anchors (they were present in
previous version). Reasoning "Rule overview" isn't displayed when displaying top of the page. Would it be possible to have "Rule overview" anchor in the top panel to be able quickly to navigate there?
Ad "Rule details" -- since they aren't displayed by default, having "Rule details" anchor would either enable the "Show all result details" button (the page display would behave after clicking "Rule details" like the "Show all result details" button was clicked + the top of the page would be navigated to the start of the details table)
I don't see any reason to include those. If you want this behavior, disable JavaScript and reload the report. I think it's inferior to the modal dialogs.
- Rule titles aren't displayed in the colour of the result -- not sure we
want this, but could you possibly provide preview of a case, where passed rules titles would be coloured out in green (same colour as the bounding box has around the rule result), unknown state rule titles would be in orange, notchecked rule titles in gray etc.
Correct, I highlight rules that need attention. All other rules have plain color. I don't want to make the report even more colorful than it is :-)
Sorry but I do not have time to do this, patches are welcome of course.
- Regarding the "Result Details" table - generally looks fine, but sometimes
the inner rule description is larger than the outside red coloured table. Example of the rule: "Verify and Correct File Permissions with RPM"
The inner table spans out of the red coloured bounding box. Would it be possible either to reduce the inner table or enlarge the outer bounding box?
I made the check-system-details div scroll when overflowing, see e4d6b3a2476f0487319127d56fbc338832585b42
Done the same for remediation fixes in cd68636eb9dde7a5d00dc8b5830d95015cc8d667
- (I think) from the current layering the particular OVAL check test comment
(often clarifying the requirement) might not be immediately visible / noticeable:
Example (current output):
OVAL details nosuid on /dev/shm mount point device uuid fs type mount options mount options mount options total space space used space left /dev/shm tmpfs tmpfs rw seclabel relatime 128830 57 128773
Here the first row table header ("nosuid on /dev/shm") is that comment. Would it be possible to highlight it somehow? E.g.
OVAL details
Requirement: nosuid on /dev/shm (Evaluated) System status:
mount point device uuid ... ... ...
Or use at least bold font for the "nosuid on /dev/shm" OVAL comment.
See 75f5f4f316a7d3cab582e5c9a09f8f89f103e24e
It now says "Items violating {OVAL test}:" because that's exactly what we are showing there.
Otherwise I think in general the output is very nice. Should I notice other points will share them yet.
Looking forward to that.