Rule no_invalid_shell_accounts_unlocked is failing due to regular user

[pietro028]

Description of problem:

Rule no_invalid_shell_accounts_unlocked is failing on Ubuntu 24.04 from the regular user.

SCAP Security Guide Version:

Package: ssg-debderived Version: 0.1.76-1

Operating System Version:

24.04.2 LTS (Noble Numbat)

Steps to Reproduce:

1. Install Ubuntu 24.04
2. Install ssg and oscap
3. Make sure the regular user is specified on the last line in /etc/passwd
4. Run - sudo oscap oval --verbose DEVEL --verbose-log-file log.txt eval --id oval:ssg-no_invalid_shell_accounts_unlocked:def:1 /usr/share/xml/scap/ssg/content/ssg-ubuntu2404-oval.xml

Actual Results:

Definition oval:ssg-no_invalid_shell_accounts_unlocked:def:1: false

Expected Results:

Definition oval:ssg-no_invalid_shell_accounts_unlocked:def:1: true

Additional Information/Debugging Steps:

The test is failing due to a regular user account called "admin". This account has a valid login shell and is password protected. I noticed this rule fails only when the "admin" user is the last user specified in /etc/passwd -

passwd-bad.txt

Here is an example of the /etc/passwd file that allows the rule to pass -

passwd-good.txt

Attached is the debug log:

log.txt

[dodys]

@pietro028 have you tried with the latest version 0.1.77? is this issue still happening?