1397839 – oscap-docker is not compatible with atomic 1.13.8

Bug 1397839 - oscap-docker is not compatible with atomic 1.13.8

Summary: oscap-docker is not compatible with atomic 1.13.8

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	atomic
Sub Component:
Version:	7.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Brent Baude
QA Contact:	atomic-bugs@redhat.com
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-11-23 12:45 UTC by Marek Haicman
Modified:	2020-02-14 18:11 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-06-28 15:41:26 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:1627	0	normal	SHIPPED_LIVE	atomic bug fix update	2017-06-28 19:34:50 UTC

Description Marek Haicman 2016-11-23 12:45:15 UTC

Description of problem:
When oscap-docker utility is executed on system where atomic 1.13.8 is installed, it fails with import error.

Version-Release number of selected component (if applicable):
openscap-utils-1.2.10-2.el7.x86_64
atomic-1.13.8-1.el7.x86_64

How reproducible:
reliably

Steps to Reproduce:
1. oscap-docker --help
2. oscap-docker image-cve $TARGET

Actual results:
"Atomic.mount.DockerMount" has been successfully imported but it doesn't have the _clean_temp_container_by_path method. Please upgrade your Atomic installation to 1.4 or higher.


Expected results:
Help is printed.
$TARGET is scanned

Additional info:

Comment 1 Martin Preisler 2016-11-23 20:46:13 UTC

Discussed this with Brent Baude.

The method was removed in https://github.com/projectatomic/atomic/commit/9a0114c2845beba372116b2fdcb605a3f59b445b#diff-ce5473cd96a720a53d0834698c9b2eaaL688

Comment 2 Brent Baude 2016-11-23 21:56:56 UTC

fix pushed upstream -> https://github.com/projectatomic/atomic/pull/769

Comment 3 Shawn Wells 2016-12-08 02:28:48 UTC

Was with the US Army today (Weds 7-DEC) who are using OpenSCAP to scan containers. They just rebased to RHEL 7.3 and container scanning no longer works. What is the ETA on when a bugfix will be issued in RHEL?

Comment 4 Daniel Walsh 2016-12-08 09:54:45 UTC

Brent this fix did not go out in rhel7.3.1, so it will show up in rhel7.3.2

atomic-1.14.* release.

Which is scheduled around 6 weeks from now, I believe.

Comment 5 Brent Baude 2017-05-26 13:56:59 UTC

this should be more than good to go now ...

Comment 7 Alex Jia 2017-06-19 09:17:21 UTC

I can reproduce this issue in atomic-1:1.13.8-1.el7, and it works well in fixed version atomic-1:1.14.1-1.el7 and latest atomic-1.17.2-8.git2760e30.el7.

Comment 9 errata-xmlrpc 2017-06-28 15:41:26 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1627

Note You need to log in before you can comment on or make changes to this bug.