1755192 – [RFE] Add support for ACSC Essential Eight profiles (RHEL7)

Bug 1755192 - [RFE] Add support for ACSC Essential Eight profiles (RHEL7)

Summary: [RFE] Add support for ACSC Essential Eight profiles (RHEL7)

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	scap-security-guide
Sub Component:
Version:	7.8
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	rc
Target Release:	---
Assignee:	Watson Yuuma Sato
QA Contact:	Gabriel Gaspar Becker
Docs Contact:	Mirek Jahoda
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2019-09-25 01:29 UTC by Shane Boulden
Modified:	2020-11-14 04:36 UTC (History)
CC List:	14 users (show)
Fixed In Version:	scap-security-guide-0.1.46-9.el7
Doc Type:	Enhancement
Doc Text:	.SCAP Security Guide now supports ACSC Essential Eight The `scap-security-guide` packages now provides the Australian Cyber Security Centre (ACSC) Essential Eight compliance profile and a corresponding Kickstart file. With this enhancement, users can install a system that conforms with this security baseline. Furthermore, you can use the OpenSCAP suite for checking security compliance and remediation using this specification of minimum security controls defined by ACSC.
Clone Of:
Environment:
Last Closed:	2020-03-31 19:38:32 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Final report of E8 profile scanning after RHEL installation through Anaconda + OSCAP Anaconda Addon (1.15 MB, text/html) 2019-11-25 12:29 UTC, Gabriel Gaspar Becker	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Github	ComplianceAsCode content pull 4859	0	'None'	closed	Add Essential Eight profiles	2020-11-01 21:44:25 UTC
Red Hat Product Errata	RHBA-2020:1019	0	None	None	None	2020-03-31 19:38:39 UTC

Comment 4 Shawn Wells 2019-10-23 02:06:45 UTC

Setting info to mthacker.

Mark - What needs to be done to ensure this lands in the next RHEL rebase of scap-security-guide? Would consider this a "new feature" vs errata/z-stream update, which may mean next RHEL minor release. The code is already merged upstream. Supporting links in Shane's comments above.

Comment 9 Watson Yuuma Sato 2019-11-13 14:45:51 UTC

Essential Eight Profiles are added in https://github.com/ComplianceAsCode/content/pull/4859

Comment 10 Matěj Týč 2019-11-15 16:23:08 UTC

https://github.com/ComplianceAsCode/content/pull/5010 fixes rules that were failing to remediate.

Comment 12 Gabriel Gaspar Becker 2019-11-18 14:42:15 UTC

https://github.com/ComplianceAsCode/content/pull/5005 Adds simple kickstart files that can be used to automatate RHEL installation using this E8 profile.

Comment 14 Gabriel Gaspar Becker 2019-11-25 12:29:36 UTC

Created attachment 1639456 [details]
Final report of E8 profile scanning after RHEL installation through Anaconda + OSCAP Anaconda Addon

Final report of E8 profile scanning produced after RHEL7.8 installation.

Comment 23 errata-xmlrpc 2020-03-31 19:38:32 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1019

Note You need to log in before you can comment on or make changes to this bug.