使用带有开放上限的CIS基准
使用带有开放上限的CIS基准
提问于 2016-09-07 07:37:31
我正在努力使独联体Centos 6基准运行与开放上限。但不起作用。我这样称呼它:
oscap oval eval /var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml产生大量的输出,比如
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8464: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10389'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8470: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10391'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8476: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10391'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8482: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10393'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8488: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10393'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8494: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10395'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
File '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml' line 8500: Element '{http://oval.mitre.org/XMLSchema/oval-definitions-5}object_component': No match found for key-sequence ['oval:org.cisecurity.benchmarks.o_centos_centos:obj:10395'] of keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}objectKeyRef'.
OpenSCAP Error: Invalid OVAL Definition (5.11) content in /var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml. [oscap_source.c:268]我试着用--skip-valid来解决这个问题,但这也没有帮助:
oscap oval eval --skip-valid /var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml
OpenSCAP Error: Unknown test type oval:org.cisecurity.benchmarks.o_centos_centos:tst:10003. [oval_test.c:402]
Failed to import the OVAL Definitions from '/var/tmp/cis-cat-full/benchmarks/CIS_CentOS_Linux_6_Benchmark_v2.0.1-oval.xml'. [oval_session.c:238]有没有人有经验运行的独联体基准与开放上限,如果是,这是如何工作?
回答 2
Server Fault用户
发布于 2016-09-07 20:03:06
我是一个OpenSCAP开发人员。我们使用MITRE和CIS提供的官方XML模式。从消息看,您得到的OVAL文件不是一个有效的Oval5.11文件。
你可以通过使用--跳过-有效的方法来解决这个问题,但更好的解决办法是向CIS报告这个问题,并将其修复。
Server Fault用户
发布于 2021-11-07 01:34:20
Openscap1.3.4似乎没有AIX interim_fix功能,这导致不运行CIS unix.xml oval文件。
添加下面的行并构建源代码将修复这个问题,而忽略interim_fix测试
文件:src/oval_枚举.c
{OVAL_AIX_INTERIM_FIX, "interim_fix"},
{OVAL_AIX_NO, "no"},页面原文内容由Server Fault提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://serverfault.com/questions/801491
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号