Red Hat Bugzilla – Bug 1465380
auditd is not installed as part of remediation
Last modified: 2018-06-20 22:26:34 EDT
Description of problem:
Because of missing XCCDF rule checking whether auditd is installed, SCAP Security Guide cannot remediate it. This results in lots of failed rules after hardened installation.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. install system with selection of pci-dss
2. open datastream in scap-workbench and search within content_group_auditing for rule checking installation of the auditd
1. machine is failing all audit-related rules
2. no rule checking for installation of package
1. machine has no failing audit-related rules
2. rule is present there (and enabled) for pci-dss profile
Update: audit is installed by default, so the 1) scenario in description is not caused by this.
Reason for 1) scenario is discussed in Bug 1465402