RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1038655 - [RFE] Inclusion of scap-security-guide in RHEL
Summary: [RFE] Inclusion of scap-security-guide in RHEL
Keywords:
Status: CLOSED DUPLICATE of bug 1066390
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: openscap
Version: 6.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Šimon Lukašík
QA Contact: BaseOS QE Security Team
URL:
Whiteboard:
Depends On: 1066390
Blocks: 994246 1108067
TreeView+ depends on / blocked
 
Reported: 2013-12-05 15:19 UTC by David Sirrine
Modified: 2018-12-09 17:20 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
: 1108067 (view as bug list)
Environment:
Last Closed: 2014-07-04 18:44:52 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 768673 0 None None None Never

Description David Sirrine 2013-12-05 15:19:59 UTC 
1) What is the nature and description of the request?
   This request is to identify a package maintainer to include the scap-security-guide into the standard RHEL repositories which are currently available only from EPEL (https://fedorahosted.org/scap-security-guide/).

2) Business Requirements
   Red Hat currently provides the libraries and capabilities to interface with SCAP on a few different fronts, most notably through Satellite. The technical data is still not provided by Red Hat directly through the supported RHEL base channels. This causes compliance issues within customer who does not allow the use of EPEL software. Adding this will help customers make informed decisions on security as it applies to their server hardening. 

3) Functional Requirements
   Identify business unit and package maintainer to collect updates from upstream and package them for distribution in RHEL base channels.

4) Is there already an RFE? 
   No

5) Timeline
   Currently there is no specific required version for inclusion by the customer, though inclusion is required eventually.

6) Is the sales team involved in this request?
   No

7) Affected packages:
   openscap and scap-security-guide

8) Customer testing:
   Customer is willing to test functionality when it is considered for implementation.
Comment 3 Shawn Wells 2014-02-13 17:05:56 UTC 
(In reply to David Sirrine from comment #0)
> 1) What is the nature and description of the request?
>    This request is to identify a package maintainer to include the
> scap-security-guide into the standard RHEL repositories which are currently
> available only from EPEL (https://fedorahosted.org/scap-security-guide/).
> 
> 2) Business Requirements
>    Red Hat currently provides the libraries and capabilities to interface
> with SCAP on a few different fronts, most notably through Satellite. The
> technical data is still not provided by Red Hat directly through the
> supported RHEL base channels. This causes compliance issues within customer
> who does not allow the use of EPEL software. Adding this will help customers
> make informed decisions on security as it applies to their server hardening. 
> 
> 3) Functional Requirements
>    Identify business unit and package maintainer to collect updates from
> upstream and package them for distribution in RHEL base channels.
> 
> 4) Is there already an RFE? 
>    No
> 
> 5) Timeline
>    Currently there is no specific required version for inclusion by the
> customer, though inclusion is required eventually.
> 
> 6) Is the sales team involved in this request?
>    No

Feel free to use myself as the sales rep for this (on behalf of U.S. Public Sector).

Dave Egts as our chief technologist.



> 
> 7) Affected packages:
>    openscap and scap-security-guide
> 
> 8) Customer testing:
>    Customer is willing to test functionality when it is considered for
> implementation.

Happy to add color around customer demand for this as needed.
Comment 4 David Sirrine 2014-02-14 15:17:05 UTC 
Shawn,

Thank you for supplying this feedback here. This RFE coincides with bug 1059921 to help increase documentation of OpenSCAP within the product. I, as well as others, are seeing quite a bit of interest in OpenSCAP, and the better we can provide documentation and usability, the more likely it is they will use it. If there are any questions, comments, or concerns. Please feel free to reach out.

Regards,

David Sirrine, RHCE
Technical Account Manager
Global Support Services
Comment 5 Shawn Wells 2014-02-19 17:14:34 UTC 
Question: Is there a reason this BZ is marked employee internal? Can we open this up to the public? Customer specific RFE comments can be marked private.
Comment 6 David Sirrine 2014-02-19 18:37:35 UTC 
Answer: No. No reason this is marked employee internal. Should have been public to begin with.
Comment 7 Shawn Wells 2014-02-19 20:15:10 UTC 
(In reply to David Sirrine from comment #6)
> Answer: No. No reason this is marked employee internal. Should have been
> public to begin with.

Thanks. Clearing RHT internal flags.
Comment 10 Shawn Wells 2014-02-25 22:45:37 UTC 
(In reply to Shawn Wells from comment #7)
> (In reply to David Sirrine from comment #6)
> > Answer: No. No reason this is marked employee internal. Should have been
> > public to begin with.
> 
> Thanks. Clearing RHT internal flags.

Looks like I missed an internal flag. Setting to public.
Comment 14 Šimon Lukašík 2014-07-04 18:44:52 UTC 
The effort to include scap-security-guide is tracked under bug 1066390. The scap-security-guide package has been handovered to QA and it is on its way to live.

Thank you guys for the feature request! And kudos to Jan for taking maintainership!

*** This bug has been marked as a duplicate of bug 1066390 ***
Note You need to log in before you can comment on or make changes to this bug.