ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats
https://complianceascode.readthedocs.io/en/latest/

libaudit package name is wrong for sles 15 sp4 #11201

Closed kabepst closed 10 months ago

kabepst commented 1 year ago

Description of problem:

The libaudit package is called "libaudit1" on SLES 15 SP4 and not "libaudit". Therefore evaluation (and automatic remediation) fails for related rules. The rule where this occurred for me is 'CCE-92478-7' (CIS Benchmark for SUSE Enterprise Linux 15 - Server Level 2).

SCAP Security Guide Version: 0.1.69

Operating System Version: SUSE Linux Enterprise 15 SP4

Steps to Reproduce:

  1. Scan system and create remediation, for example: oscap xccdf eval --profile xccdf_ch.ksg_profile_cis_KSG_customized --tailoring-file /home/sysadmin/ssg-sle15-ds-1.2-tailoring.xml --results-arf /home/sysadmin/ospp-results.xml --report /home/sysadmin/ospp-results.html /home/sysadmin/ssg-sle15-ds-1.2.xml
  2. Create remediation playbook (the vars refer to the values above, as this is copy/pasted from an ansible-playbook): oscap xccdf generate fix --fix-type ansible --profile {{ profile }} --tailoring-file /home/sysadmin/{{ tailoring }} --output /home/sysadmin/oscap-remediation-sles15-base.yml /home/sysadmin/ospp-results.xml
  3. Run remediation-playbook which will fail when trying to install libaudit (see below "Actual Results")

Actual Results:

Running the remediation playbook aborts with "error: No provider for libaudit found"

Expected Results:

Playbook should install or detect (as it is installed by default for me) that libaudit is already installed. However, changing the package name below from 'libaudit' to 'libaudit1' fixes the error and the playbook runs without error for this specific rule: [image]

Additional Information/Debugging Steps:

The shown steps to reproduce are exported from an automated ansible-playbook run and therefore use our internal customized/tailored version of the cis-benchmark. However the same happens when using a non-tailored/customized content from scap security guide. Therefore I assume this is a bug in general.
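
A pre-flight check for the failure reported above, as an added example that is not part of the issue or of the ComplianceAsCode project: it lists the package names a generated remediation playbook would install and reports those that do not resolve on the target. The task layout in the sample, the function names and the RESOLVER hook are assumptions; `rpm -q --whatprovides` is the default lookup.

```shell
#!/bin/sh
# Added example: pre-flight check of a generated remediation playbook.

# Constructed sample tasks (assumed layout, not taken from the issue).
sample_playbook() {
    cat <<'EOF'
- name: Ensure libaudit is installed
  package:
    name: libaudit
    state: present
- name: Ensure audit is installed
  ansible.builtin.package:
    name: "audit"
    state: present
EOF
}

# Print every package name used by a package module task, one per line.
playbook_packages() {
    awk '
        /^[ \t]*(ansible\.builtin\.)?package:[ \t]*$/ { in_mod = 1; next }
        in_mod && /^[ \t]*name:/ {
            sub(/^[ \t]*name:[ \t]*/, ""); sub(/[ \t]+$/, "")
            print; in_mod = 0; next
        }
        /^[ \t]*- / { in_mod = 0 }   # a new task starts
    ' "$1" | tr -d "\"'" | sort -u
}

# RESOLVER (hypothetical hook) must exit 0 when a name resolves.
# Default asks the RPM database which installed package provides the name.
: "${RESOLVER:=rpm -q --whatprovides}"

# Print names that do not resolve; return 1 if any were found.
unresolved_packages() {
    missing=0
    for pkg in $(playbook_packages "$1"); do
        if ! $RESOLVER "$pkg" >/dev/null 2>&1; then
            echo "$pkg"
            missing=1
        fi
    done
    return "$missing"
}

# Usage: sh check.sh oscap-remediation-sles15-base.yml
if [ $# -gt 0 ]; then unresolved_packages "$1"; fi
```

The default lookup only sees installed packages; for a package that still has to be installed, set RESOLVER to a repository query such as `zypper --non-interactive install --dry-run`.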

kabepst commented 1 year ago

As additional information: [image]

kabepst commented 11 months ago

@marcusburghardt I've had a quick look at this (as you set the label good first issue) to fix it by myself. However it looks like this should already be correctly implemented:

https://github.com/ComplianceAsCode/content/blob/639639bde105fc66291b87071c03da595475cfe3/linux_os/guide/system/auditing/package_audit-libs_installed/rule.yml#L2

Is this the wrong place I look at or is perhaps something else going wrong (which won't be that easy to fix) since the package name in the referenced file seems to be correct already?

marcusburghardt commented 10 months ago

> @marcusburghardt I've had a quick look at this (as you set the label good first issue) to fix it by myself. However it looks like this should already be correctly implemented:
>
> https://github.com/ComplianceAsCode/content/blob/639639bde105fc66291b87071c03da595475cfe3/linux_os/guide/system/auditing/package_audit-libs_installed/rule.yml#L2
>
> Is this the wrong place I look at or is perhaps something else going wrong (which won't be that easy to fix) since the package name in the referenced file seems to be correct already?

It was probably already fixed in the meantime. If so, we can close this issue. Could you confirm @teacup-on-rockingchair, please?

kabepst commented 10 months ago

> > @marcusburghardt I've had a quick look at this (as you set the label good first issue) to fix it by myself. However it looks like this should already be correctly implemented: https://github.com/ComplianceAsCode/content/blob/639639bde105fc66291b87071c03da595475cfe3/linux_os/guide/system/auditing/package_audit-libs_installed/rule.yml#L2
> >
> > Is this the wrong place I look at or is perhaps something else going wrong (which won't be that easy to fix) since the package name in the referenced file seems to be correct already?
>
> It was probably already fixed in the meantime. If so, we can close this issue. Could you confirm @teacup-on-rockingchair, please?

You are right, see https://github.com/ComplianceAsCode/content/commit/05e058bc50f5c2f45002c4bc1414352a2ca74be1 which belongs to v0.1.71. I was still using v.0.1.69 and can confirm: No error with v.0.1.71 and therefore issue closed :)