Hide Forgot
Description of problem: When oscap-vm utility is called on non-existent image, or on image that exists, but for some reason fails to mount, scan is nevertheless performed on empty directory meant to contain the mounted image. This is not nice user experience. Version-Release number of selected component (if applicable): openscap-1.2.10-2.el7.x86_64 How reproducible: reliably Steps to Reproduce: 1. oscap-vm image ./empty.qcow2 xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results empty_results.file --results-arf empty_results.arf.file --report empty_report.file ./test-ds.xml when either empty.qcow2 exists [created by touch for example] or does not exist at all Actual results: Scan is performed, some rules might even pass, exit code 2 [failing rules] Expected results: Scan is not performed, error message clearly states there was an issue during preparation phase, exit code other than 0 and 2 to symbolize error. Additional info:
Upstream fix proposed: https://github.com/OpenSCAP/openscap/pull/646
Verified. NEW: :: [ LOG ] :: Package versions: :: [ LOG ] :: openscap-1.2.14-1.el7.x86_64 :: [ PASS ] :: File ./empty.qcow2 should not exist :: [ PASS ] :: Command 'oscap-vm image ./empty.qcow2 xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results empty_results.file --results-arf empty_results.arf.file --report empty_report.file ./test-ds.xml' (Expected 1,3-127, got 1) :: [ PASS ] :: File empty_results.file should not exist :: [ PASS ] :: File empty_results.arf.file should not exist :: [ PASS ] :: File empty_report.file should not exist :: [ PASS ] :: Creating empty file (Expected 0, got 0) :: [ PASS ] :: Command 'oscap-vm image ./empty.qcow2 xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results empty_results.file --results-arf empty_results.arf.file --report empty_report.file ./test-ds.xml' (Expected 1,3-127, got 1) :: [ PASS ] :: File empty_results.file should not exist :: [ PASS ] :: File empty_results.arf.file should not exist :: [ PASS ] :: File empty_report.file should not exist :: [ LOG ] :: Duration: 13s :: [ LOG ] :: Assertions: 10 good, 0 bad :: [ PASS ] :: RESULT: negative testing OLD: :: [ LOG ] :: Package versions: :: [ LOG ] :: openscap-1.2.10-2.el7.x86_64 :: [ PASS ] :: File ./empty.qcow2 should not exist :: [ FAIL ] :: Command 'oscap-vm image ./empty.qcow2 xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results empty_results.file --results-arf empty_results.arf.file --report empty_report.file ./test-ds.xml' (Expected 1,3-127, got 2) :: [ FAIL ] :: File empty_results.file should not exist :: [ FAIL ] :: File empty_results.arf.file should not exist :: [ FAIL ] :: File empty_report.file should not exist :: [ PASS ] :: Creating empty file (Expected 0, got 0) :: [ FAIL ] :: Command 'oscap-vm image ./empty.qcow2 xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --results empty_results.file --results-arf empty_results.arf.file --report empty_report.file ./test-ds.xml' (Expected 1,3-127, got 2) :: [ FAIL ] :: File empty_results.file should not exist :: [ FAIL ] :: File empty_results.arf.file should not exist :: [ FAIL ] :: File empty_report.file should not exist :: [ LOG ] :: Duration: 1m 14s :: [ LOG ] :: Assertions: 2 good, 8 bad :: [ FAIL ] :: RESULT: negative testing
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2017:2291