Description of problem: The new version of oscap 1.3.6, probably released around 8.6/9.0 will stop look at current working directory for the local cache of oval files. Instead it will provide explicit --local-files argument, that we'll have to start using to preserve the functionality. This has impact on the customers who use the solution from https://bugzilla.redhat.com/show_bug.cgi?id=1957288 Expected results: Today we rely on the files being present in /root, the foreman_scap_client could just add such definition on the oscap >= 1.3.6. The directory may be configurable, but that would require also changes to ansible role and the puppet module to modify the config file. I think that is not mandatory for this RFE. Additional info: This should be a follow up of https://bugzilla.redhat.com/show_bug.cgi?id=1957288
Hello Team, Any workaround available for now, using which we can pass the parameter( --local-files) in the config file (/etc/foreman_scap_client/config.yaml ), so that during the scan it should refer to the file and perform the checks and upload the report to the satellite. Regards,
There is no easy workaround, the only way to make this work now is to manually patch the foreman_scap_client code on every client. This is the line, that needs to be modified https://github.com/theforeman/foreman_scap_client/blob/master/lib/foreman_scap_client/client.rb#L39
The new version of foreman_scap_client 0.5.1 was released in the upstream and includes the fix.
Created attachment 1968314 [details] hotfix rpm
Created attachment 1968315 [details] hotfix doc rpm
Hotfix instructions: 1. Download the RPM's from the BZ to a folder on the satellite and cd to that directory 2. # yum localinstall * 3. # foreman-maintain service restart
This package is typically installed on scanned hosts, not Satellite itself. People need to distribute this to their hosts.
Hi Patrick, can we release a new snap of the client repo so QAs can test the change?