Cross posting this to the SSG community -- a preview of what RH is working on for future Fedora & RHEL releases :)
-------- Original Message -------- Subject: [Open-scap] Video preview of the OSCAP Anaconda addon Date: Wed, 24 Apr 2013 10:27:03 +0200 From: Vratislav Podzimek vpodzime@redhat.com To: open-scap-list@redhat.com
Hello everybody, I'm a member of the Anaconda installer team and as my master thesis I'm developing an addon for the Anaconda that would allow SCAP content evaluation during the installation process. To provide a preview of what I've done so far I've recorded a video [1]. The quality is not that great I'd like it to be, but I hope it would serve the purpose of presenting the basic ideas and approach.
The work is far from being finished, but it already covers the most important actions that need to take place. What is currently missing is a profile selection in the GUI and support for more content types than just datastreams. In the future, there will probably also be an addon for the Initial Setup (new Firstboot) that will show the results from the evaluation and remediation that is done after installation in the chroot of the newly installed system.
Looking forward to see your comments and suggestions,
Hi list,
the video that Vratislav sent demonstrates functionality that enable users to perform remediation during system installation. It utilizes <fix> elements in XCCDF and perform changes to installed image. If you boot the image, a system is in compliance right after first boot.
Obviously, the content needs to be supplied with <fix> scripts to make it work. :)
Peter.
On 04/24/2013 04:51 PM, Shawn Wells wrote:
Cross posting this to the SSG community -- a preview of what RH is working on for future Fedora & RHEL releases :)
-------- Original Message -------- Subject: [Open-scap] Video preview of the OSCAP Anaconda addon Date: Wed, 24 Apr 2013 10:27:03 +0200 From: Vratislav Podzimek vpodzime@redhat.com To: open-scap-list@redhat.com
Hello everybody, I'm a member of the Anaconda installer team and as my master thesis I'm developing an addon for the Anaconda that would allow SCAP content evaluation during the installation process. To provide a preview of what I've done so far I've recorded a video [1]. The quality is not that great I'd like it to be, but I hope it would serve the purpose of presenting the basic ideas and approach.
The work is far from being finished, but it already covers the most important actions that need to take place. What is currently missing is a profile selection in the GUI and support for more content types than just datastreams. In the future, there will probably also be an addon for the Initial Setup (new Firstboot) that will show the results from the evaluation and remediation that is done after installation in the chroot of the newly installed system.
Looking forward to see your comments and suggestions,
-- Vratislav Podzimek
Anaconda Rider | Red Hat, Inc. | Brno - Czech Republic
Open-scap-list mailing list Open-scap-list@redhat.com https://www.redhat.com/mailman/listinfo/open-scap-list
scap-security-guide mailing list scap-security-guide@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
scap-security-guide@lists.fedorahosted.org
-
Peter Vrabec -
Shawn Wells