Bug 1762962

Summary: [RFE] provide NIST 800-171 on RHEL 8
Product: Red Hat Enterprise Linux 8 Reporter: Ryan Mullett <rmullett>
Component: scap-security-guideAssignee: Watson Yuuma Sato <wsato>
Status: CLOSED ERRATA QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: medium Docs Contact: Jan Fiala <jafiala>
Priority: medium    
Version: 8.4CC: ggasparb, jafiala, kborole, lmiksik, mhaicman, mlysonek, pvlasin, vpolasek, wsato
Target Milestone: rcKeywords: FutureFeature
Target Release: 8.0Flags: pm-rhel: mirror+
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: scap-security-guide-0.1.50-14.el8 Doc Type: Enhancement
Doc Text:
.SCAP Security Guide now provides a profile aligned with NIST-800-171 With this update, the `scap-security-guide` packages provide a profile aligned with the NIST-800-171 standard. The profile enables you to harden the system configuration in accordance with security requirements for protection of Controlled Unclassified Information (CUI) in non-federal information systems. As a result, you can more easily configure systems to be aligned with the NIST-800-171 standard.
 Story Points: ---
Clone Of: Environment:
Last Closed: 2020-11-04 02:29:53 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Comment 8 Marek Haicman 2020-08-24 10:48:36 UTC 
This is available upstream for a while - moving to POST.

https://github.com/ComplianceAsCode/content/blob/master/rhel8/profiles/cui.profile
Comment 19 Milan Lysonek 2020-09-04 07:43:33 UTC 
Verified for scap-security-guide-0.1.50-14.el8 based on test results from comment 18.

The aborted test scenario is caused by a known issue mentioned bellow.


Known issue:
* OSPP-based profiles are incompatible with GUI package groups - see https://bugzilla.redhat.com/show_bug.cgi?id=1787156
Comment 22 errata-xmlrpc 2020-11-04 02:29:53 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (scap-security-guide bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:4626