Description of problem:
Scanning RHEL-7.2 Beta system against the PCI-DSS profile currently returns failure only on one rule:
"Verify and Correct File Permissions with RPM"
This is *not* problem with the underlying OVAL content. The problem is that different packages (see list below) does not properly mark selected files as to be ignored for the RPM verify test, leading into:
$ rpm -V
command to fail with these packages.
Steps to Reproduce:
1. Scan RHEL-7.2 Beta system against the PCI-DSS profile
The "Verify and Correct File Permissions with RPM" rule fails.
The "Verify and Correct File Permissions with RPM" passes.
Created attachment 1076260 [details]
HTML report of PCI-DSS profile scan on clean RHEL-7.2 Beta system.
Checkout the failing state of "Verify and Correct File Permissions with RPM" rule and mainly items violating the test.
Closing this one. After further investigation it has been realized the problem isn't in the particular packages the RPM verify package check is run at. But rather source of the problem is elsewhere. Therefore this bug is not needed anymore.
Closing as such.