
oscap-docker evaluates all rules as notapplicable in redhat STIG

Open ben-dov opened this issue 1 month ago • 0 comments

Description of Problem:

Seems similar to https://github.com/OpenSCAP/openscap/issues/1942. When scanning a redhat container image (like ubi8 and ubi9) using oscap-docker, all rules are evaluated as notapplicable.

OpenSCAP Version:

bash-5.3# oscap -V
OpenSCAP command line tool (oscap) 1.4.2

Steps to Reproduce:

  1. sudo systemctl start docker
  2. docker pull registry.access.redhat.com/ubi8/ubi
  3. Enter the container that is connected to the docker environment or run locally (I am running in an image as root)
  4. oscap-docker image registry.access.redhat.com/ubi8/ubi:latest xccdf eval --profile xccdf_org.ssgproject.content_profile_stig /usr/share/xml/scap/ssg/content/ssg-rhel8-ds.xml

Additional Information / Debugging Steps:

Might be unrelated, but I can see these warnings at the end of the output:

W: oscap: OVAL object 'rpminfo_object' is not supported.
W: oscap: OVAL object 'rpminfo_object' is not supported.
W: oscap: OVAL object 'rpminfo_object' is not supported.

ben-dov, Nov 18 '25 11:11
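
A CI guard for the failure mode reported above, as an added example that is not part of the original issue or of OpenSCAP: it tallies the `Result` lines of `oscap xccdf eval` text output and fails when every rule is `notapplicable`, so a scan with no compliance signal cannot pass silently. The function names and sample rule IDs are hypothetical, and the Title/Rule/Result layout is assumed from oscap's usual text output.

```shell
#!/bin/sh
# Tally "Result" lines from `oscap xccdf eval` text output read on stdin and
# count the "OVAL object ... is not supported" warnings quoted in the issue.
# Prints: total=<n> notapplicable=<n> unsupported_warnings=<n> verdict=<v>
summarize_oscap_results() {
    awk '
        $1 == "Result" { total++; if ($2 == "notapplicable") na++ }
        /^W: oscap: OVAL object .* is not supported\.$/ { warn++ }
        END {
            if (total == 0)       verdict = "no-results"
            else if (na == total) verdict = "all-notapplicable"
            else                  verdict = "evaluated"
            printf "total=%d notapplicable=%d unsupported_warnings=%d verdict=%s\n",
                   total, na, warn, verdict
        }'
}

# Returns non-zero when the scan on stdin evaluated no rule at all
# (empty output, or every rule reported as notapplicable).
scan_is_meaningful() {
    case "$(summarize_oscap_results)" in
        *verdict=evaluated) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample output: rule IDs are placeholders, not real scan data.
sample_all_na() {
    cat <<'EOF'
Title   Constructed rule A
Rule    xccdf_org.ssgproject.content_rule_example_a
Result  notapplicable

Title   Constructed rule B
Rule    xccdf_org.ssgproject.content_rule_example_b
Result  notapplicable

W: oscap: OVAL object 'rpminfo_object' is not supported.
EOF
}

sample_all_na | summarize_oscap_results
```

Pipe the scan's combined output (`2>&1`) into `scan_is_meaningful` and fail the pipeline on a non-zero return.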