content icon indicating copy to clipboard operation
content copied to clipboard

Published 20 hours ago verified publisher icon ComplianceAsCode

Rule ensure_redhat_gpgkey_installed is evaluated as notchecked on RHEL-10

Open matusmarhefka opened this issue 1 year ago • 1 comments

Description of problem:

The rule ensure_redhat_gpgkey_installed evaluates as notchecked (No candidate or applicable check found) on RHEL-10 which when combined with other gpgcheck rules in SCAP profiles (gpgcheck_globally_activated, gpgcheck_never_disabled, etc.) causes that it is not possible to install or update packages on hardened RHEL-10 system.

SCAP Security Guide Version:

db7b59bd68cbca5c6f536e2dd9ec8e3f8e0629cc

Operating System Version:

RHEL-10

matusmarhefka avatar Sep 19 '24 13:09 matusmarhefka

Once we fill the following in products/rhel10/product.yml that should resolve the issues.

pkg_release: ""
pkg_version: ""
aux_pkg_release: ""
aux_pkg_version: ""

release_key_fingerprint: ""
auxiliary_key_fingerprint: ""

Mab879 avatar Sep 19 '24 19:09 Mab879

This is fixed now since we filled out the needed fields for the RHEL 10 product.

Mab879 avatar Jan 23 '25 14:01 Mab879