Description of problem:
While using the openscap policy "CIS Red Hat Enterprise Linux 8 Benchmark for Level1-Server" for the system, it fails for the rule "Ensure All Files Are Owned by a User" for files which have an AD/sssd user. This means that it does not consider, or is not aware of, files with an AD/sssd user and shows them as orphans.

Even as per the rule, running the below commands does not show any files which are not owned by a user:

-----
# df --local -P | awk {'if (NR!=1) print $6'} | sudo xargs -I '{}' find '{}' -xdev -nouser
# find PARTITION -xdev -nouser
-----

This happens with both the openscap scan done by console.redhat.com and Red Hat Satellite.

Version-Release number of selected component (if applicable):
Openscap scap-security-guide

How reproducible:

Steps to Reproduce:
1. Attach the systems to the policy "CIS Red Hat Enterprise Linux 8 Benchmark for Level1-Server"
2. The system should have files owned by an AD/sssd user
3. Run the scap on the system

Actual results:
The rule does not consider files owned by an AD/sssd user and fails for the rule "Ensure All Files Are Owned by a User"

Expected results:
The rule should consider files owned by an AD/sssd user and should not fail for the rule "Ensure All Files Are Owned by a User"

Additional info:

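A triage aid for the mismatch described above, added here and not part of the bug report or of scap-security-guide: it classifies each file-owner UID as having a local passwd entry, resolving only through NSS (for example sssd), or resolving nowhere. The function names and the `--scan` argument are assumptions made for this example, and it assumes GNU find and getent are available.

```shell
#!/bin/sh
# Added example, not from the bug report or scap-security-guide.
# Function names and the --scan argument are assumptions of this example.

# classify_uid UID [PASSWD_FILE] prints one of:
#   local     UID has an entry in the local passwd file
#   nss-only  UID resolves through NSS (e.g. sssd/AD) but has no local entry
#   orphan    UID resolves nowhere; the case `find -nouser` is meant to catch
classify_uid() {
    if awk -F: -v u="$1" '$3 == u { hit = 1 } END { exit !hit }' "${2:-/etc/passwd}"; then
        echo local
    elif getent passwd "$1" >/dev/null 2>&1; then
        echo nss-only
    else
        echo orphan
    fi
}

# owner_report PASSWD_FILE PATH...
# Prints "<class> <uid> <file count>" for every distinct owner UID under PATH.
# Uses GNU find's -printf and the same -xdev restriction as the rule's command.
owner_report() {
    passwd_file=$1; shift
    find "$@" -xdev -printf '%U\n' 2>/dev/null | sort -n | uniq -c |
    while read -r count uid; do
        printf '%s %s %s\n' "$(classify_uid "$uid" "$passwd_file")" "$uid" "$count"
    done
}

# Only walk the local filesystems when explicitly asked to.
if [ "${1:-}" = "--scan" ]; then
    df --local -P | awk 'NR != 1 { print $6 }' |
    while read -r mount; do
        owner_report /etc/passwd "$mount"
    done
fi
```

Owners reported as `nss-only` are the ones to compare against the files the scan flags; `orphan` owners should also appear in the `find -nouser` output.
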
Hello,

The current issue is another concern which the customer has reported. This BZ is still valid for the issue which the customer reported earlier. I will try to have a separate case opened for the other issue reported by the customer.

Regards,
Arvinder

There is a BZ on the sssd component that is related to this rule and where our team has been included: https://bugzilla.redhat.com/show_bug.cgi?id=2135159