Bug 1640522 - SELinux Security Context probe produces a flood of annoying messages
Status: POST
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: openscap
Version: 7.7
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: unspecified
Target Milestone: rc
Target Release: ---
Assigned To: Jan Černý
QA Contact: BaseOS QE Security Team
Docs Contact: Mirek Jahoda
Reported: 2018-10-18 05:26 EDT by Jan Černý
Modified: 2018-11-02 02:48 EDT
Doc Type: Known Issue
Doc Text:
*OpenSCAP* scanner results contain a lot of SELinux context error messages

The *OpenSCAP* scanner logs inability to get SELinux context on the "ERROR" level even in situations where it is not a true error. As a result, *OpenSCAP* scanner results contain a lot of SELinux context error messages. Both the *oscap* command-line utility and the *SCAP Workbench* graphical utility outputs can be hard to read for that reason.
Type: Bug

Description Jan Černý 2018-10-18 05:26:54 EDT
Description of problem:
SELinux Security Context probe produces a flood of annoying messages
that look like this:

Can't get context ...

This makes the output hard to orient in.

Version-Release number of selected component (if applicable):
openscap-1.2.17

How reproducible:
always

Steps to Reproduce:
1. oscap xccdf eval --oval-results --report xccdf_org.ssgproject.content_profile_ospp42-draft.html --progress --profile xccdf_org.ssgproject.content_profile_ospp42-draft /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
2. see the stderr

Actual results:
A lot of "Can't get context" messages are written on stderr.

Expected results:
These messages are displayed only in DEVEL verbosity level.

Additional info:
Comment 2 Jan Černý 2018-10-18 05:27:21 EDT
This was fixed upstream in https://github.com/OpenSCAP/openscap/pull/1222
Comment 3 Marek Haicman 2018-10-18 07:17:16 EDT
Just a note (for testing purposes) this is triggered specifically by rule xccdf_org.ssgproject.content_rule_selinux_confinement_of_daemons

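Added example (not part of the bug report and not OpenSCAP code): a shell wrapper for builds that still log these messages on stderr. It hides the "Can't get context" lines, reports how many it hid so a real SELinux labelling problem is not silently lost, and keeps the scanner's exit status. The function names, the summary wording and the sample lines are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example, not OpenSCAP code. Usage with the command from the report:
#   quiet_selinux_ctx oscap xccdf eval --profile <profile> <datastream>

SELINUX_CTX_PATTERN="Can't get context"   # message text quoted in the report

quiet_selinux_ctx() {
    _qs_rc=0
    _qs_log=$(mktemp) || return 1
    # Buffer stderr in a temp file; stdout (e.g. --progress) passes through.
    "$@" 2>"$_qs_log" || _qs_rc=$?
    # grep exits 1 on zero matches, so guard both calls for `set -e` shells.
    _qs_hidden=$(grep -c -F -- "$SELINUX_CTX_PATTERN" "$_qs_log") || true
    # Everything that is not the known noise is replayed on stderr unchanged.
    grep -v -F -- "$SELINUX_CTX_PATTERN" "$_qs_log" >&2 || true
    rm -f "$_qs_log"
    if [ "$_qs_hidden" -gt 0 ]; then
        echo "quiet_selinux_ctx: hid $_qs_hidden SELinux context messages" >&2
    fi
    # Preserve the wrapped command's status so callers can still branch on
    # the scan result (oscap returns 2 when at least one rule fails).
    return "$_qs_rc"
}

# Constructed stand-in for a scan, so the wrapper can be tried without oscap.
# The text after "Can't get context" is made up; the report elides it.
fake_scan() {
    echo "Rule progress on stdout"
    echo "Can't get context (constructed sample 1)" >&2
    echo "E: constructed unrelated error that must stay visible" >&2
    echo "Can't get context (constructed sample 2)" >&2
    echo "Can't get context (constructed sample 3)" >&2
    return 2
}
```

Because stderr is buffered, the remaining messages appear only after the scan finishes.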