Please have a look at the patch.
On Fri, Feb 3, 2017 at 1:52 AM Johnny Hughes johnny@centos.org wrote:
On 02/01/2017 10:15 AM, Michał Jankowski wrote:
Hello,
I have noticed that pci-dss profile, ssg-centos7-xccdf.xml will always
fail
on test and remediation for disable_prelink rule. That seem to be caused
by
insufficient CentOS RPM customization of upstream code. Specifically
this:
https://github.com/OpenSCAP/scap-security-guide/blob/master/shared/oval/disa...
<
https://github.com/OpenSCAP/scap-security-guide/blob/master/shared/oval/disa...
That condition will always fail on CentOS because it misses: <extend_definition comment="Installed OS is CentOS7" definition_ref=" installed_OS_is_centos7" />
I was thinking about raising a bug on https://bugs.centos.org or
committing
a fix in https://git.centos.org/summary/rpms!scap-security-guide but I
am
unsure as to what action should I take.
You can clone that git project from git.centos.org, then checkout the 'c7' branch and fix the issue on your branch .. then use the git --format-patch option as explained here:
https://ariejan.net/2009/10/26/how-to-create-and-apply-a-patch-with-git/
Then you can send your patch (attached to an email) to the CentOS-Devel mailing list (https://lists.centos.org/mailman/listinfo/centos-devel) and I will import it into the git repo and fix the package.
<snip>
Thanks, Johnny Hughes
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos