Bug 2027656
| Summary: | Udica crashes when processing inspect file without capabilities | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | Vit Mojzis <vmojzis> | |
| Component: | udica | Assignee: | Vit Mojzis <vmojzis> | |
| Status: | CLOSED ERRATA | QA Contact: | Milos Malik <mmalik> | |
| Severity: | medium | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 9.0 | CC: | mmalik | |
| Target Milestone: | rc | Keywords: | AutoVerified, Triaged | |
| Target Release: | 9.0 | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | udica-0.2.6-4.el9 | Doc Type: | No Doc Update | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 2027662 (view as bug list) | Environment: | ||
| Last Closed: | 2022-05-17 12:22:53 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 2027662, 2076617, 2076666 | |||
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (new packages: udica), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2022:2305 |
Description of problem: Udica crashes when processing inspect file without capabilities. Version-Release number of selected component (if applicable): udica-0.2.6-3.el9 udica-0.2.6-2.module+el8.6.0+12734+7d3a79c8.noarch How reproducible: Try to generate a policy for a container without any capabilities. Steps to Reproduce: # podman run docker.io/byte13/b13-k8s-audit-tools:latest # podman ps -a | grep docker.io/byte13/b13-k8s-audit-tools:latest <container_ID> docker.io/byte13/b13-k8s-audit-tools:latest /bin/sh 9 minutes ago Exited (0) 9 minutes ago elegant_archimedes # podman inspect <container_ID> > i # grep "EffectiveCaps" i "EffectiveCaps": null, # udica -j i test Actual results: Traceback (most recent call last): File "/usr/local/bin/udica", line 33, in <module> sys.exit(load_entry_point('udica==0.2.4', 'console_scripts', 'udica')()) File "/usr/local/lib/python3.9/site-packages/udica-0.2.4-py3.9.egg/udica/__main__.py", line 216, in main TypeError: 'NoneType' object is not iterable Expected results: Policy test created! Please load these modules using: # semodule -i test.cil /usr/share/udica/templates/base_container.cil Additional info: https://github.com/containers/udica/issues/103