#!/bin/sh
##########
# This script can be installed to get regular oscap-scan checks. Results are
# sent to root mail. Please configure oscap-scan options before you use it!
##########
#OPTIONS="oval eval --report /var/log/oscap-scan.html.log --results /var/log/oscap-scan.xml.log /usr/share/openscap/scap-fedora14-oval.xml"
PROG="/usr/bin/oscap"
if [ -z "$OPTIONS" ]
then
logger "OpenSCAP security scan: NOT CONFIGURED. (Cron job)"
exit 0
fi
$PROG $OPTIONS
RETVAL=$?
if [ $RETVAL -eq 0 ] ; then
logger "OpenSCAP security scan: PASS. (Cron job)"
elif [ $RETVAL -eq 1 ] ; then
logger "OpenSCAP security scan: ERROR. (Cron job)"
else
logger "OpenSCAP security scan: FAILED. (Cron job)"
fi
exit "$RETVAL"