-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
None
-
2
-
False
-
-
False
-
0
-
-
Bug Fix
-
Proposed
-
-
-
Important
-
To Do
-
None
Problem Statement
On Red Hat Satellite default content can be uploaded initially by using command 'hammer scap-content bulk-upload --type default'.
Need a command to update the digest of existing policies by looking them up from /usr/share/xml/scap/ssg/content/
User Experience & Workflow
- We can keep the package 'scap-security-guide' up to date on the Satellite server to receive the latest updates.
~~~
- satellite-maintain packages update scap-security-guide
~~~
After updating the package, need to perform the below steps for every SCAP content that should be updated.
- cd /usr/share/xml/scap/ssg/content/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
ssg-rhel6-ds.xml ===> For rhel-6 // Based on the ID you have to point to the release.
ssg-rhel7-ds.xml ===> For rhel-7
ssg-rhel8-ds.xml ===> For rhel-8
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~
- hammer scap-content list
- hammer scap-content update --scap-file /usr/share/xml/scap/ssg/content/ssg-xxxxx-ds.xml --id <ID> // Get the ID from the previous command and replace the ID.
~~~
- There seems no option to update the SCAP content to latest for all SCAP content available inside '/usr/share/xml/scap/ssg/content/'.
Requirements
The requirement is to improve the behavior of 'hammer scap-content bulk-upload --type default' or to have a bulk-update option that can update the digest of existing policies by looking them up from /usr/share/xml/scap/ssg/content/
Business Impact
There is no specific command to update SCAP content for every SCAP content available.
