View Issue Details

IDProjectCategoryView StatusLast Update
0002245Rocky-Linux-8scap-security-guidepublic2023-02-16 21:09
ReporterStephan Ellis Assigned To 
Status newResolutionopen 
Platformx84_64OSRocky LinuxOS Version8.7
Summary0002245: CUI Securirty Profile will pass evaluation
DescriptionWhen applying the security profile for NIST 800-171, everything works as expected except for two components. Producing an html report using the oscap tool, you will see that it's failing on the FIPS crypto policy settings and the chrony settings. Checking those settings by hand reveals that they are correct, but the profile evalutaion says they are not.
Steps To ReproduceInstall Rocky linux with the recommended partition scheme, using the Server software selection and the NIST 800-171 security profile. After install, run updates and then run fips-mode-setup --enable and restart. Then run oscap tool using the ssg-rl8-ds.xml scap content and the "cui" profile.
TagsNo tags attached.


Stephan Ellis

Stephan Ellis

2023-02-16 21:09

reporter   ~0002476

screen shots of the html report

Issue History

Date Modified Username Field Change
2023-02-16 21:03 Stephan Ellis New Issue
2023-02-16 21:09 Stephan Ellis Note Added: 0002476
2023-02-16 21:09 Stephan Ellis File Added: Screenshot from 2023-02-16 15-07-37.png
2023-02-16 21:09 Stephan Ellis File Added: Screenshot from 2023-02-16 15-08-26.png