OpenSCAP doesn’t seem to be completely working out of the box.
dnf install openscap scap-security-guide -y
I wanted to use the following profile,
xccdf_org.ssgproject.content_profile_cui that was found using this command.
oscap info /usr/share/xml/scap/ssg/content/ssg-rl8-ds-1.2.xml
Ran this command for scan results.
oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cui /usr/share/xml/scap/ssg/content/ssg-rl8-ds-1.2.xml
All results came back as notapplicable.
Title Disable KDump Kernel Crash Analyzer (kdump) Rule xccdf_org.ssgproject.content_rule_service_kdump_disabled Result notapplicable
To get around this I removed the following line 75342 from /usr/share/xml/scap/ssg/content/ssg-rl8-ds-1.2.xml
<xccdf-1.2:platform idref="cpe:/o:rocky:rocky:8"/> and the expected pass/fail results were returned.
Title Disable KDump Kernel Crash Analyzer (kdump) Rule xccdf_org.ssgproject.content_rule_service_kdump_disabled Result fail
Tested on the latest Rocky Linux release 8.4 (Green Obsidian) GA
Is this a bug or am I missing something?