2 SCAP Packages

Describes the SCAP Packages available in the Oracle Linux AppStream repository.

openscap-utils

Contains command line tools that use the OpenSCAP library.

openscap-scanner

Provides the oscap command line configuration and vulnerability scanner, which can perform compliance checking against SCAP content including the SCAP Security Guide. This is automatically installed as a dependency of the openscap-utils package.

openscap

Provides the OpenSCAP open source libraries for generating SCAP compliance documentation.

scap-security-guide

Provides system-hardening guidance in SCAP format, including links to government requirements. The guide provides security profiles that you can change to comply with site security policies.

openscap-engine-sce

The openscap-engine-sce package lets OpenSCAP run Script Check Engine (SCE) compliance checks included by content authors, such as those in the scap-security-guide. SCE checks are used when OVAL is insufficient for certain compliance requirements. This package is for checking compliance only and not for remediation.

For information about SCAP package features and other changes in Oracle Linux 10, see the release notes in the Oracle Linux 10 documentation.

Installing SCAP Packages

Describes how to install the SCAP packages from the Oracle Linux 10 AppStream repository.

1. Verify that the ol10_appstream repository is enabled.

   Enter the following command:

   dnf repolist | grep appstream

   If the ol10_appstream repository is enabled, it's listed in the output:

   ol10_appstreamOracle Linux10 Application Stream Packages (x86_64)
             

2. Use dnf to install the required packages.

   For example:

   sudo dnf install openscap openscap-utils scap-security-guide