Bug 1755192 - [RFE] Add support for ACSC Essential Eight profiles (RHEL7)
Summary: [RFE] Add support for ACSC Essential Eight profiles (RHEL7)
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: scap-security-guide
Version: 7.8
Hardware: All
OS: Linux
Target Milestone: rc
: ---
Assignee: Watson Yuuma Sato
QA Contact: Gabriel Gaspar Becker
Mirek Jahoda
Depends On:
TreeView+ depends on / blocked
Reported: 2019-09-25 01:29 UTC by Shane Boulden
Modified: 2020-11-14 04:36 UTC (History)
14 users (show)

Fixed In Version: scap-security-guide-0.1.46-9.el7
Doc Type: Enhancement
Doc Text:
.SCAP Security Guide now supports ACSC Essential Eight The `scap-security-guide` packages now provides the Australian Cyber Security Centre (ACSC) Essential Eight compliance profile and a corresponding Kickstart file. With this enhancement, users can install a system that conforms with this security baseline. Furthermore, you can use the *OpenSCAP* suite for checking security compliance and remediation using this specification of minimum security controls defined by ACSC.
Clone Of:
Last Closed: 2020-03-31 19:38:32 UTC
Target Upstream Version:

Attachments (Terms of Use)
Final report of E8 profile scanning after RHEL installation through Anaconda + OSCAP Anaconda Addon (1.15 MB, text/html)
2019-11-25 12:29 UTC, Gabriel Gaspar Becker
no flags Details

System ID Private Priority Status Summary Last Updated
Github ComplianceAsCode content pull 4859 0 'None' closed Add Essential Eight profiles 2020-11-01 21:44:25 UTC
Red Hat Product Errata RHBA-2020:1019 0 None None None 2020-03-31 19:38:39 UTC

Comment 4 Shawn Wells 2019-10-23 02:06:45 UTC
Setting info to mthacker.

Mark - What needs to be done to ensure this lands in the next RHEL rebase of scap-security-guide? Would consider this a "new feature" vs errata/z-stream update, which may mean next RHEL minor release. The code is already merged upstream. Supporting links in Shane's comments above.

Comment 9 Watson Yuuma Sato 2019-11-13 14:45:51 UTC
Essential Eight Profiles are added in https://github.com/ComplianceAsCode/content/pull/4859

Comment 10 Matěj Týč 2019-11-15 16:23:08 UTC
https://github.com/ComplianceAsCode/content/pull/5010 fixes rules that were failing to remediate.

Comment 12 Gabriel Gaspar Becker 2019-11-18 14:42:15 UTC
https://github.com/ComplianceAsCode/content/pull/5005 Adds simple kickstart files that can be used to automatate RHEL installation using this E8 profile.

Comment 14 Gabriel Gaspar Becker 2019-11-25 12:29:36 UTC
Created attachment 1639456 [details]
Final report of E8 profile scanning after RHEL installation through Anaconda + OSCAP Anaconda Addon

Final report of E8 profile scanning produced after RHEL7.8 installation.

Comment 23 errata-xmlrpc 2020-03-31 19:38:32 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.