Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.
First Last Prev Next    This bug is not in your last search results.
Bug 1571315 - Rule xccdf_org.ssgproject.content_rule_aide_scan_notification fails when email ID other than root@. is given [rhel-7.5.z]
Rule xccdf_org.ssgproject.content_rule_aide_scan_notification fails when emai...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: scap-security-guide (Show other bugs)
7.4
x86_64 Linux
high Severity urgent
: rc
: ---
Assigned To: Watson Yuuma Sato
Marek Haicman
Mirek Jahoda
: ZStream
Depends On: 1540505
Blocks:
  Show dependency treegraph
 
Reported: 2018-04-24 09:48 EDT by Oneata Mircea Teodor
Modified: 2018-05-14 12:13 EDT (History)
7 users (show)

See Also:
Fixed In Version: scap-security-guide-0.1.36-9.el7_5
Doc Type: Bug Fix
Doc Text:
Previously, the Open Vulnerability and Assessment Language (OVAL) check for the aide_scan_notification rule allow Advanced Intrusion Detection Environment (AIDE) notification e-mails to be sent only to root@*. As a consequence, scanning with the rule returned fail if the notification e-mail recipient was not root. The OVAL check has been fixed to allow also other e-mail addresses than root, and aide_scan_notification now works properly for all email addresses.
Story Points: ---
Clone Of: 1540505
Environment:
Last Closed: 2018-05-14 12:13:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:1410 None None None 2018-05-14 12:13 EDT

  None (edit)
Description Oneata Mircea Teodor 2018-04-24 09:48:31 EDT 
This bug has been copied from bug #1540505 and has been proposed to be backported to 7.5 z-stream (EUS).
Comment 3 Marek Haicman 2018-04-30 00:25:33 EDT 
Verified fix in version scap-security-guide-0.1.36-9.el7_5.noarch through SSG Test Suite on commit https://github.com/OpenSCAP/scap-security-guide/commit/04ddc39b88f5756bf078b28b78fe11226096b438

NEW (scap-security-guide-0.1.36-9.el7_5.noarch):
[dahaic@machine tests]$ sudo ./test_suite.py rule --hypervisor qemu:///system --domain ssg-test-suite-rhel7 --datastream ./ssg-0.1.36-9.xml --xccdf-id scap_org.open-scap_cref_ssg-rhel7-xccdf-1.2.xml aide_scan_notification
Setting console output to log level INFO
INFO - xccdf_org.ssgproject.content_rule_aide_scan_notification
INFO - Script cron_weekly_configured.pass.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
INFO - Script crontab_configured.pass.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
INFO - Script crontab_just_periodic_checking.fail.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
INFO - Script default.fail.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
INFO - Script var_cron_configured.pass.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
INFO - All snapshots reverted successfully

OLD (scap-security-guide-0.1.36-7.el7.noarch):
[dahaic@machine tests]$ sudo ./test_suite.py rule --hypervisor qemu:///system --domain ssg-test-suite-rhel7 --datastream ./ssg-0.1.36-7.xml --xccdf-id scap_org.open-scap_cref_ssg-rhel7-xccdf-1.2.xml aide_scan_notification
Setting console output to log level INFO
INFO - xccdf_org.ssgproject.content_rule_aide_scan_notification
ERROR - Script cron_weekly_configured.pass.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa found issue:
ERROR - Scan has exited with return code 2, instead of expected 0 during stage initial
ERROR - The initial scan failed for rule 'xccdf_org.ssgproject.content_rule_aide_scan_notification'.
ERROR - Script crontab_configured.pass.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa found issue:
ERROR - Scan has exited with return code 2, instead of expected 0 during stage initial
ERROR - The initial scan failed for rule 'xccdf_org.ssgproject.content_rule_aide_scan_notification'.
INFO - Script crontab_just_periodic_checking.fail.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
ERROR - Scan has exited with return code 2, instead of expected 0 during stage remediation
ERROR - The remediation failed for rule 'xccdf_org.ssgproject.content_rule_aide_scan_notification'.
INFO - Script default.fail.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa OK
ERROR - Script var_cron_configured.pass.sh using profile xccdf_org.ssgproject.content_profile_stig-rhel7-disa found issue:
ERROR - Scan has exited with return code 2, instead of expected 0 during stage initial
ERROR - The initial scan failed for rule 'xccdf_org.ssgproject.content_rule_aide_scan_notification'.
INFO - All snapshots reverted successfully
Comment 6 errata-xmlrpc 2018-05-14 12:13:49 EDT 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:1410
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.