Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Automatus kernel_module_sctp_disabled/missing_blacklist.fail fails on RHEL-10 #12877

Closed
comps opened this issue Jan 22, 2025 · 0 comments · Fixed by #12898
Closed

Automatus kernel_module_sctp_disabled/missing_blacklist.fail fails on RHEL-10 #12877

comps opened this issue Jan 22, 2025 · 0 comments · Fixed by #12898
Assignees
@Mab879
Labels
productization-issue Issue found in upstream stabilization process. RHEL10 Red Hat Enterprise Linux 10 product related.

Comments

@comps
Copy link
Collaborator

comps commented Jan 22, 2025

Description of problem:

The test seems to correctly write the blacklisting into the appropriate .conf,

##### kernel_module_sctp_disabled / missing_blacklist.fail.sh #####
ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o IdentityFile=/var/lib/libvirt/images/contest.sshkey [email protected] cd /root/ssgts/kernel_module_sctp_disabled; SHARED=/root/ssgts/shared bash -x missing_blacklist.fail.sh
STDERR: Warning: Permanently added '192.168.120.180' (ED25519) to the list of known hosts.
+ echo
+ echo 'install sctp /bin/true'

as can also be seen in the scan html/arf, but - for some reason - the OVAL check is considered not evaluated, so that might be the issue ... ?

Or, if the test is meant to fail the scan, why is it writing the correct state into the .conf file .. ?

SCAP Security Guide Version:

master @ 1424df5

Operating System Version:

RHEL-10

Steps to Reproduce:

  1. Run automatus for kernel_module_sctp_disabled

Additional Information/Debugging Steps:

Attaching ARF for debugging: initial-arf.xml.gz
@comps comps added productization-issue Issue found in upstream stabilization process. RHEL10 Red Hat Enterprise Linux 10 product related. labels Jan 22, 2025
@Mab879 Mab879 self-assigned this Jan 24, 2025
@Mab879 Mab879 mentioned this issue Jan 24, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Mab879 Mab879

Labels
productization-issue Issue found in upstream stabilization process. RHEL10 Red Hat Enterprise Linux 10 product related.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Adjust kernel_module_disabled/missing_blacklist.fail.sh Mab879/content
2 participants
@Mab879 @comps