Bug 1755192

Summary: [RFE] Add support for ACSC Essential Eight profiles (RHEL7)
Product: Red Hat Enterprise Linux 7 Reporter: Shane Boulden <sboulden>
Component: scap-security-guideAssignee: Watson Yuuma Sato <wsato>
Status: CLOSED ERRATA QA Contact: Gabriel Gaspar Becker <ggasparb>
Severity: high Docs Contact: Mirek Jahoda <mjahoda>
Priority: high    
Version: 7.8CC: awestbro, ggasparb, matyc, mhaicman, mjahoda, mthacker, openscap-maint, rtillery, snejoshi, sparks, swells, tborcin, vpolasek, wsato
Target Milestone: rcKeywords: FutureFeature
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: scap-security-guide-0.1.46-9.el7 Doc Type: Enhancement
Doc Text:
.SCAP Security Guide now supports ACSC Essential Eight The `scap-security-guide` packages now provides the Australian Cyber Security Centre (ACSC) Essential Eight compliance profile and a corresponding Kickstart file. With this enhancement, users can install a system that conforms with this security baseline. Furthermore, you can use the *OpenSCAP* suite for checking security compliance and remediation using this specification of minimum security controls defined by ACSC.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-03-31 19:38:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Final report of E8 profile scanning after RHEL installation through Anaconda + OSCAP Anaconda Addon none

Comment 4 Shawn Wells 2019-10-23 02:06:45 UTC 
Setting info to mthacker.

Mark - What needs to be done to ensure this lands in the next RHEL rebase of scap-security-guide? Would consider this a "new feature" vs errata/z-stream update, which may mean next RHEL minor release. The code is already merged upstream. Supporting links in Shane's comments above.
Comment 9 Watson Yuuma Sato 2019-11-13 14:45:51 UTC 
Essential Eight Profiles are added in https://github.com/ComplianceAsCode/content/pull/4859
Comment 10 Matěj Týč 2019-11-15 16:23:08 UTC 
https://github.com/ComplianceAsCode/content/pull/5010 fixes rules that were failing to remediate.
Comment 12 Gabriel Gaspar Becker 2019-11-18 14:42:15 UTC 
https://github.com/ComplianceAsCode/content/pull/5005 Adds simple kickstart files that can be used to automatate RHEL installation using this E8 profile.
Comment 14 Gabriel Gaspar Becker 2019-11-25 12:29:36 UTC 
Created attachment 1639456 [details]
Final report of E8 profile scanning after RHEL installation through Anaconda + OSCAP Anaconda Addon

Final report of E8 profile scanning produced after RHEL7.8 installation.
Comment 23 errata-xmlrpc 2020-03-31 19:38:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1019