Description of problem:
current oscap workflow: 'openscap policy' configures the 'foreman_scap_client' puppet-module, which in turn configures the oscap_client on the hosts.
Currently looking at the OSCAP functionality via the WebUI it looks like OSCAP policy can only be added to the hosts being provisioned by foreman.
That is the policy can be assigned to Hosts only by these 2 methods:
a) while creating the policy associate it to Host-group
b) After creating an "Host" associate it via the "select Actions" button on the "All Hosts" page
So what about the Hosts/systems which already exist or not provisioned by foreman? I mean how can we assign policy to these hosts/systems. ?
Some say puppet-module will configure the hosts, but as said above puppet-module itself will be configured by OSCAP policy.
Version-Release number of selected component (if applicable):
sat6.1 beta snap3
Steps to Reproduce:
1. unable to assign oscap policy to non foreman provisioned hosts.
Should be able to assign oscap policy to non foreman provisioned hosts.
unable to assign oscap policy to non foreman provisioned hosts.
should be able to assign OSCAP policy to content-hosts.
I say content-hosts, meaning to say "all the hosts/systems" associated with satellite6.1
To assign OSCAP policy to non-foreman provisioned hosts we need to first register the hosts configured for puppet with satellite6.1.
Only then the hosts will be visible under the "ALL hosts" page and oscap policy can be assigned via the "select Actions" button.
We currently relay on Puppet to configure foreman_scap_client on the client hosts. This should be a future feature and should not block OpenSCAP on 6.1 GA
(note: this will happen automatically when single host feature will come to Satellite)
*** This bug has been marked as a duplicate of bug 1266483 ***