oscap-im - Man Page

The oscap-im tool is a convenience script that makes building hardened bootable container images easier. This tool is designed to be used during the build of the bootable container image. Include oscap-im in your Containerfile that will be used to build your bootable container image. The oscap-im runs oscap tool on a given container image.

The oscap-im tool can't be used anywhere else than in a Containerfile.

oscap-im [OPTION...] DATASTREAM_FILE

Usage of the tool mimics usage and options of oscap(8) tool.

--profile PROFILE_ID

ID of the profile to be evaluated.

--tailoring-file TAILORING_FILE

Use given file for XCCDF tailoring. Select profile from tailoring file to apply using --profile. If both --tailoring-file and --tailoring-id are specified, --tailoring-file takes priority.

--tailoring-id COMPONENT_REF_ID

Use tailoring component in input source data stream for XCCDF tailoring. The tailoring component must be specified by its Ref-ID (value of component-ref/@id attribute in input source data stream). Select profile from tailoring component to apply using --profile. If both --tailoring-file and --tailoring-id are specified, --tailoring-file takes priority.

--results-arf FILE

Writes results to a given FILE in Asset Reporting Format.

--report FILE

Write HTML report into FILE.

Please report bugs using https://github.com/OpenSCAP/openscap/issues

Jan Černý <jcerny@redhat.com>