2 SCAP Packages

Describes the SCAP Packages available in the Oracle Linux AppStream repository.

openscap-utils

Contains command line tools that use the OpenSCAP library.

openscap-scanner

Provides the oscap command line configuration and vulnerability scanner, which can perform compliance checking against SCAP content including the SCAP Security Guide. This is automatically installed as a dependency of the openscap-utils package.

openscap

Provides the OpenSCAP open source libraries for generating SCAP compliance documentation.

scap-security-guide

Provides system-hardening guidance in SCAP format, including links to government requirements. The guide provides security profiles that you can change to comply with site security policies.

openscap-engine-sce

The openscap-engine-sce package lets OpenSCAP run Script Check Engine (SCE) compliance checks included by content authors, such as those in the scap-security-guide. SCE checks are used when OVAL is insufficient for certain compliance requirements. This package is for checking compliance only and not for remediation.

scap-workbench

A graphical utility for working with OpenSCAP. See: https://www.open-scap.org/tools/scap-workbench/.

For information about SCAP package features and other changes in Oracle Linux 9, see the release notes in the Oracle Linux 9 documentation.

Installing SCAP Packages

Describes how to install the SCAP packages from the Oracle Linux 9 AppStream repository.

1. Verify that the ol9_appstream repository is enabled.

   Enter the following command:

   dnf repolist | grep appstream

   If the ol9_appstream repository is enabled, it's listed in the output:

   ol9_appstreamOracle Linux9 Application Stream Packages (x86_64)
             

2. Use dnf to install the required packages.

   For example:

   sudo dnf install openscap openscap-utils scap-security-guide