Skip to content

Install openscap-scanner Package

An XCCDF Rule

Description

The openscap-scanner package can be installed with the following command:

$ sudo yum install openscap-scanner

Rationale

openscap-scanner contains the oscap command line tool. This tool is a configuration and vulnerability scanner, capable of performing compliance checking using SCAP content.

ID
xccdf_org.ssgproject.content_rule_package_openscap-scanner_installed
Severity
Medium
References
Updated



Remediation - Puppet

include install_openscap-scanner

class install_openscap-scanner {
  package { 'openscap-scanner':
    ensure => 'installed',
  }

Remediation - Shell Script


if ! rpm -q --quiet "openscap-scanner" ; then
    yum install -y "openscap-scanner"
fi

Remediation - Anaconda Pre-Install Instructions


package --add=openscap-scanner

Remediation - OS Build Blueprint


[[packages]]
name = "openscap-scanner"
version = "*"

Remediation - Ansible

- name: Ensure openscap-scanner is installed
  package:
    name: openscap-scanner
    state: present
  tags:
  - CCE-82219-7