Bug 1340978 - Smart State Analysis for OpenStack Instances including scanning file contents
Summary: Smart State Analysis for OpenStack Instances including scanning file contents
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: SmartState Analysis
Version: 5.5.0
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: GA
: 5.7.0
Assignee: Rich Oliveri
QA Contact: Dave Johnson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-05-31 03:26 UTC by Andrew Spurrier
Modified: 2019-11-14 08:13 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-06-09 05:24:44 UTC
Category: ---
Cloudforms Team: ---
Target Upstream Version:


Attachments (Terms of Use)

Description Andrew Spurrier 2016-05-31 03:26:53 UTC
Description of problem:
Smart State Analysis for OpenStack Instances does not work with Glance storage and even on Nova it cannot scan file contents.

Version-Release number of selected component (if applicable):
5.5.3.4

How reproducible:
Always

Steps to Reproduce:
1.  Create a compliance policy that attempts to detect the string "Root" in /etc/ssh/sshd_config.

Actual results:
Fails

Expected results:
Pass

Additional info:
CF needs to be able to work with all the storage types offered to OSP instances.


   2. Who is the customer behind the request?  
    Account: name and acct #   https://access.redhat.com/support/cases/01643369
      
    TAM customer: yes 
    SRM customer: yes  
    Strategic: yes  
      
      
    4. Why does the customer need this? (List the business requirements here)  
CloudForms is managing OpenStack.  Security Compliance reporting is a massive requirement of the instances being managed.
      
    5. How would the customer like to achieve this? (List the functional requirements here)  
Same as the other Providers already supported by CloudForms.
      
      
    7. Is there already an existing RFE upstream or in Red Hat Bugzilla?  
I know this bug is on the list for future releases and we want to ensure it is prioritised correctly for the world wide customers' demand.
      
    8. Does the customer have any specific timeline dependencies and which release would they like to target (i.e. RHEL5, RHEL6)?  
No, the next release.
      
    9. Is the sales team involved in this request and do they have any additional input?  
Yes, this is a very strategic customer.
      
    10. List any affected packages or components.  
Automation Engine, State Machines.
      
    11. Would the customer be able to assist in testing this functionality if implemented?  
Yes.

Comment 2 Rich Oliveri 2016-05-31 04:47:30 UTC
Andrew,

For OpenStack providers, SmartState uses the Glance API to access the data we require, so I can't see how SmartState does not work with Glance storage.

Did the SmartState task in question fail? If so, what was the error? If the SmartState task didn't fail, did it fail to retrieve the file: /etc/ssh/sshd_config?

If the SSA task didn't fail, then the issue isn't with Glance storage, but there could be an issue in retrieving the file in question.


Note You need to log in before you can comment on or make changes to this bug.