Bug 2007440

Summary: [RFE] Compliance scap configure for satellite and capsule server
Product: Red Hat Satellite Reporter: sdholpur
Component: SCAP PluginAssignee: satellite6-bugs <satellite6-bugs>
Status: CLOSED WONTFIX QA Contact: Jameer Pathan <jpathan>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.9.0CC: ahumbe, dsinglet, egolov, ehelms, gpayelka, lzap, mhulan, tbrisker
Target Milestone: UnspecifiedKeywords: FutureFeature
Target Release: Unused   
Hardware: Unspecified   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-03-08 11:25:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description sdholpur 2021-09-23 21:14:45 UTC 
Description of problem: Report Compliance for Satellite Server (and Capsules)


Version-Release number of selected component (if applicable): satellite 6.9.5


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 2 Evgeni Golov 2021-10-05 13:34:46 UTC 
This *should* be possible today, if you have the Satellite/Capsule as a regular managed host in Satellite and roll out the OpenSCAP configuration using Ansible or Puppet.

Can you provide more details what is missing for you today?
Comment 6 Ashish Humbe 2021-12-07 17:43:47 UTC 
We do not support self-registered satellite so we have two options: 

1. If the satellite server is connected to the internet then use Console.redhat.com -> Compliance to scan the satellite for the required SCAP policy and generate the report.
2. If there is no internet connection available for satellite then we can use openscap commands to scan RHEL systems. Refer RHEL documentation 

https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html-single/security_guide/index#scanning-the-system-for-configuration-compliance-and-vulnerabilities_security-hardening
Comment 7 Dana Singleterry 2023-03-08 11:25:49 UTC 
Thank you for your interest in Satellite 6. We have evaluated this request, and while we recognize that it is a valid request, we do not expect this to be implemented in the product in the foreseeable future. This is due to other priorities for the product, and not a reflection on the request itself. We are therefore closing this out as WONTFIX. If you have any concerns about this, please do not reopen. Instead, feel free to contact Red Hat Technical Support. Thank you.