openscap-daemon icon indicating copy to clipboard operation
openscap-daemon copied to clipboard

Published 20 hours ago verified publisher icon OpenSCAP

WARNING:Can't import the 'docker' package. Container scanning functionality will be disabled.

Open iamtanmay opened this issue 6 years ago • 2 comments

Hi.

I am on RHEL 7. I did:

  1. yum install -y docker

  2. yum install -y atomic

Docker is running: systemctl enable docker , systemctl start docker

Then I installed docker SDK for python and openscap-docker

  1. yum install docker-python-1.4.0-115.el7

  2. yum installed openscap-utils

Yet, I keep getting the warning (atomic scan --verbose ....)

"WARNING:Can't import the 'docker' package. Container scanning functionality will be disabled."

What does it mean ?

Thank you for your help. Tanmay

iamtanmay avatar Apr 12 '18 11:04 iamtanmay

Hi @iamtanmay If you scan container using atomic command, this warning should not not affect you, it should be affecting only the low-level oscap-docker command.

Does atomic scan produce any results?

jan-cerny avatar Apr 12 '18 12:04 jan-cerny

Yes, the results seem to be as expected. Please see below and tell me if it looks wrong:

atomic scan --verbose registry.access.redhat.com/rhscl/nodejs-6-rhel7

gives:

The following issues were found:

 RHSA-2018:0502: kernel-alt security and bug fix update (Important)
 Severity: Important
   RHSA URL: https://access.redhat.com/errata/RHSA-2018:0502
   RHSA ID: RHSA-2018:0502-01
   Associated CVEs:
       CVE ID: CVE-2017-16994
       CVE URL: https://access.redhat.com/security/cve/CVE-2017-16994
       CVE ID: CVE-2017-17712
       CVE URL: https://access.redhat.com/security/cve/CVE-2017-17712

 RHSA-2018:0180: kernel-alt security and bug fix update (Important)
 Severity: Important
   RHSA URL: https://access.redhat.com/errata/RHSA-2018:0180
   RHSA ID: RHSA-2018:0180-02
   Associated CVEs:
       CVE ID: CVE-2017-1000405
       CVE URL: https://access.redhat.com/security/cve/CVE-2017-1000405

 RHSA-2017:0372: kernel-aarch64 security and bug fix update (Important)
 Severity: Important
   RHSA URL: https://access.redhat.com/errata/RHSA-2017:0372
   RHSA ID: RHSA-2017:0372-01
   Associated CVEs:
       CVE ID: CVE-2016-5195
       CVE URL: https://access.redhat.com/security/cve/CVE-2016-5195
       CVE ID: CVE-2016-7039
       CVE URL: https://access.redhat.com/security/cve/CVE-2016-7039
       CVE ID: CVE-2016-8666
       CVE URL: https://access.redhat.com/security/cve/CVE-2016-8666

Many thanks for such a quick reply. I was worried that I had missed an SDK or something.

iamtanmay avatar Apr 12 '18 12:04 iamtanmay