I’ve created a custom security checklist configuration site where I included some of the fixlets from “DISA STIG Checklist for Red Hat 4”.
Next to that, I run fixlet “Deploy and Run Security Checklist RedHat 4” (from my new checklist) and then Red Hat clients automatically create, under ‘/var/opt/BESClient/__BESData/CustomSite_MyChecklist/’, a directory structure where it stores data gathered from the server for those specific fixlets I included in my custom checklist.
Looking at the actions from fixlet “Deploy and Run Security Checklist RedHat 4” I see it creates and runs several scripts with info gathered from properties ‘x-fixlet-remediate-scripts’ and ‘x-fixlet-detect-scripts’ that are saved on each existing fixlet.
I think I understand how it works. It takes the fixlet detect and remediate scripts data from those properties and saves it on ‘/var/opt/BESClient/__BESData/CustomSite_MyChecklist/SCM/Linux/4’ (using base64.decode) and then the fixlets use those scripts for remediation and detection.
Now I want to create my custom fixlet with the possibility to work with the same concept, and here is where I crash.
I can’t find where should I define the properties ‘x-fixlet-remediate-scripts’ and ‘x-fixlet-detect-scripts’ in my custom fixlets (with my scripts data), so when the deploy fixlet reads them, it can create my custom scripts for my specific fixlets.
Thanks for your answer. I’ve read the document you told me, but it doesn’t say anything about how to edit this metadata.
Looking around, I found out that if I export the fixlet, I’m able to edit its content (the metadata) and then import it again. I didn’t try it yet, I’m on testing phase, hope it works.
The only supported way to customize SCM content at this time is through the copy wizard that has just been released. In addition, some wizards will soon be available in BigFix labs which will help to make new checks.
In order to make modifications or create new content at the level of detail mentioned in the link that was provided, for the moment you’ll need to export the content as XML, modify it and import it again. Doing this in a way that doesn’t lead to errors in the console or in the SCA application is challenging but possible.
Over the longer term we hope to gradually roll out a set of functionality that will enable the kind of content authoring you’re trying to do. This will be a long term project, and there are no concrete targets at this point, but it’s something that we appreciate the need for and are actively working on facilitating.
Yes, currently if you wish to edit the metadata of a fixlet you must export the fixlet, edit it with your favorite editor (vi for example) then import it back in.
In addition I plan on releasing a tool in the next week or so which will allow you to create custom SCM fixlets just by pasting in your shell script (in the case of Unix) or Relevance, these will be released in the SCM Labs site.
If you need any further assistance please feel free to call me at +US 650-235-0776, I’m in the PDT timezone.
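
The export, edit and re-import route described in the replies above, sketched as an added example; it is not code from the original posts or from BigFix. It assumes the two properties sit in the exported file as `MIMEField` name/value entries and that each value is a single base64 blob of the script text; the helper names and the sample export are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

ET.register_namespace("xsi", "http://www.w3.org/2001/XMLSchema-instance")

# Elements that follow the MIMEField entries in an exported Fixlet; a new
# MIMEField is inserted before the first of these so the element order stays valid.
AFTER_MIME = ("Domain", "Delay", "DefaultAction", "Action")

def set_mime_field(fixlet, name, value):
    """Update the MIMEField called `name`, or insert it in the right position."""
    for field in fixlet.findall("MIMEField"):
        if field.findtext("Name") == name:
            field.find("Value").text = value
            return
    field = ET.Element("MIMEField")
    ET.SubElement(field, "Name").text = name
    ET.SubElement(field, "Value").text = value
    children = list(fixlet)
    pos = next((i for i, c in enumerate(children) if c.tag in AFTER_MIME), len(children))
    fixlet.insert(pos, field)

def embed_scripts(bes_xml, detect_script, remediate_script):
    """Return the exported fixlet XML with both script properties set."""
    root = ET.fromstring(bes_xml)  # raises ParseError on a malformed export
    fixlet = root.find("Fixlet")
    if fixlet is None:
        raise ValueError("no <Fixlet> element in export")
    for name, script in (("x-fixlet-detect-scripts", detect_script),
                         ("x-fixlet-remediate-scripts", remediate_script)):
        # Assumption: the value is one base64 blob of the script text.
        set_mime_field(fixlet, name, base64.b64encode(script.encode()).decode("ascii"))
    return ET.tostring(root, encoding="unicode")

# Constructed sample export, trimmed to the elements that matter here.
SAMPLE = """<BES xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="BES.xsd">
  <Fixlet>
    <Title>Custom check (constructed)</Title>
    <Description>Example</Description>
    <Relevance>true</Relevance>
    <MIMEField><Name>x-fixlet-modification-time</Name><Value>constructed</Value></MIMEField>
    <Domain>BESC</Domain>
  </Fixlet>
</BES>"""

if __name__ == "__main__":
    print(embed_scripts(SAMPLE, "#!/bin/sh\nexit 0\n", "#!/bin/sh\nexit 0\n"))
```

Compare the generated entries against an export of one of the stock checklist fixlets before importing, since the stock value layout may differ from the single-blob assumption made here.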