content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon ComplianceAsCode

Missing referenced check files for RHEL 9 profile

Open yuljk opened this issue 1 year ago • 1 comments

Description of problem:

When performing an evaluation as per below I receive an error :-

oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis --results ssg-rhel9-ds.xml --report ssg-rhel9-level2-ds.html /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml

OpenSCAP Error: Unable to open file: '/usr/share/xml/scap/ssg/content/ssg-rhel9-oval.xml' [/builddir/build/BUILD/openscap-1.3.10/src/source/oscap_source.c:298] Could not find file /usr/share/xml/scap/ssg/content/ssg-rhel9-oval.xml: No such file or directory. [/builddir/build/BUILD/openscap-1.3.10/src/DS/sds.c:697] Unable to open file: '/usr/share/xml/scap/ssg/content/ssg-rhel9-ocil.xml' [/builddir/build/BUILD/openscap-1.3.10/src/source/oscap_source.c:298] Could not find file /usr/share/xml/scap/ssg/content/ssg-rhel9-ocil.xml: No such file or directory. [/builddir/build/BUILD/openscap-1.3.10/src/DS/sds.c:697]

Neither of these files exist in the directory.

I installed scap-security-guide from the official RHEL 9 repository as per

dnf install scap-security-guide

SCAP Security Guide Version:

scap-security-guide-0.1.74-1.el9_4.noarch

Operating System Version:

RHEL 9.4

Steps to Reproduce:

Actual Results:

Aforementioned files are not present in the directory

Expected Results:

The following files should be present in the directory ssg-rhel9-ocil.xml ssg-rhel9-oval.xml

Additional Information/Debugging Steps:

I'm new to using openscap, so forgive me if I'm missing something! - But I presume the required check files mentioned in the profile should be present when doing a RHEL 9 Server Level 2 evaluation?

Kind Regards

yuljk avatar Sep 06 '24 12:09 yuljk

Description of problem:

When performing an evaluation as per below I receive an error :-

oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_cis --results ssg-rhel9-ds.xml --report ssg-rhel9-level2-ds.html /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml

That's really weird, I've just ran the same command and didn't get the error.

The file /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml should embed all the other files that OpenSCAP needs to execute. So that's really weird what is going on.

Maybe you don't have the right permissions to the file, or you are not running as root/sudo or maybe you can try to reinstall the package.

ggbecker avatar Sep 06 '24 14:09 ggbecker

Please open a discussion or reach out on Gitter if you have additional questions.

Mab879 avatar Oct 25 '24 20:10 Mab879