Closed Mixer9 closed 6 years ago
Its kinda hard to see but I bolded the successful changes for this ansible play, so you see that not all failed, just the empty lines.
Thanks for the report @Mixer9! If you have a fix, feel free to submit it in a PR.
I put the fix in the issue I opened.
Chris
On Thu, Sep 13, 2018, 10:53 AM redhatrises notifications@github.com wrote:
Thanks for the report @Mixer9 https://github.com/Mixer9! If you have a fix, feel free to submit it in a PR.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421057447, or mute the thread https://github.com/notifications/unsubscribe-auth/Ah5ivwD8xY3Rw28NsJJFv8rCfcZkUyEcks5uan-MgaJpZM4WnhV0 .
@Mixer9 https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml is the file if you are interested in fixing this.
I bumped into this as well and would like to propose an alternate solution:
rpm -Va | awk '/^.M/ {print $NF}'
simply look for the second element of the first field being M and then print out the last field
Actually, in reading more closely the other fix has an issue of it's own, we really don't want to remove the blank lines, they represent real issues which need to be addressed. The command
rpm -Va |grep '^.M' | cut -d ' ' -f5- | sed -r 's;^.*\s+(.+);\1;g'
assumes that rpm -Va will always return the same number of fields, which it will not.
So here is the bare output of rpm -Va on a RHEL 7.5 machine in my lab:
[root@tower ~]# rpm -Va S.5....T. c /etc/rhsm/rhsm.conf .M....... g /var/log/dmesg .M....... g /var/log/dmesg.old missing /var/run/wpa_supplicant S.5....T. c /etc/sysconfig/authconfig .M....... c /etc/audit/rules.d/audit.rules .M....... g /etc/selinux/targeted/active/seusers .M....... /etc/selinux/targeted/active/users_extra .M....... g /etc/pki/ca-trust/extracted/java/cacerts .M....... g /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt .M....... g /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem .M....... g /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem .M....... g /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem ....L.... c /etc/pam.d/fingerprint-auth ....L.... c /etc/pam.d/password-auth [truncated]
Note that some returns, such as /etc/selinux/targeted/active/users_extra, have a blank value in the second filed which will be interpreted by cut as having fewer fields, this is a job for awk or Perl. This is the output of the original command:
[root@tower pci-dss]# rpm -Va | grep '^.M' | cut -d ' ' -f5- | sed -r 's;^.*\s+(.+);\1;g'
/etc/selinux/targeted/active/users_extra
/etc/insights-client/.exp.sed /etc/insights-client/.fallback.json /etc/insights-client/.fallback.json.asc /etc/insights-client/cert-api.access.redhat.com.pem
/etc/insights-client/redhattools.pub.gpg /etc/insights-client/rpm.egg /etc/insights-client/rpm.egg.asc
/var/run/supervisor /var/lib/awx/job_status /var/log/tower [truncated]
and those blank lines are what was causing the errors coming back from rpm but just removing them masks a real problem. If I use awk instead of grep|cut|sed I get this:
[root@tower pci-dss]# rpm -Va | awk '/^.M/ {print $NF}' /var/log/dmesg /var/log/dmesg.old /etc/audit/rules.d/audit.rules /etc/selinux/targeted/active/seusers /etc/selinux/targeted/active/users_extra /etc/pki/ca-trust/extracted/java/cacerts /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/sysconfig/kernel /etc/insights-client/.exp.sed /etc/insights-client/.fallback.json /etc/insights-client/.fallback.json.asc /etc/insights-client/cert-api.access.redhat.com.pem /etc/insights-client/insights-client.conf /etc/insights-client/redhattools.pub.gpg [truncated]
Which solves the blank line issue, which was not causing spurious errors, it was allowing real errors to persist since problem files were being identified but not recorded.
Please advise on how I can help here, new to git, old at shell script foo.
@cmattern-rht that is the better solution, mine was sort of a knee jerk reaction to what I perceived as blank lines, I see now that they were not blank but had fewer fields.
Mixer9
On Fri, Sep 14, 2018, 11:36 AM cmattern-rht notifications@github.com wrote:
Actually, in reading more closely the other fix has an issue of it's own, we really don't want to remove the blank lines, they represent real issues which need to be addressed. The command
rpm -Va |grep '^.M' | cut -d ' ' -f5- | sed -r 's;^.*\s+(.+);\1;g'
assumes that rpm -Va will always return the same number of fields, which it will not.
So here is the bare output of rpm -Va on a RHEL 7.5 machine in my lab:
[root@tower ~]# rpm -Va S.5....T. c /etc/rhsm/rhsm.conf .M....... g /var/log/dmesg .M....... g /var/log/dmesg.old missing /var/run/wpa_supplicant S.5....T. c /etc/sysconfig/authconfig .M....... c /etc/audit/rules.d/audit.rules .M....... g /etc/selinux/targeted/active/seusers .M....... /etc/selinux/targeted/active/users_extra .M....... g /etc/pki/ca-trust/extracted/java/cacerts .M....... g /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt .M....... g /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem .M....... g /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem .M....... g /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem ....L.... c /etc/pam.d/fingerprint-auth ....L.... c /etc/pam.d/password-auth [truncated]
Note that some returns, such as /etc/selinux/targeted/active/users_extra, have a blank value in the second filed which will be interpreted by cut as having fewer fields, this is a job for awk or Perl. This is the output of the original command:
[root@tower pci-dss]# rpm -Va | grep '^.M' | cut -d ' ' -f5- | sed -r 's;^.*\s+(.+);\1;g'
/etc/selinux/targeted/active/users_extra
/etc/insights-client/.exp.sed /etc/insights-client/.fallback.json /etc/insights-client/.fallback.json.asc /etc/insights-client/cert-api.access.redhat.com.pem
/etc/insights-client/redhattools.pub.gpg /etc/insights-client/rpm.egg /etc/insights-client/rpm.egg.asc
/var/run/supervisor /var/lib/awx/job_status /var/log/tower [truncated]
and those blank lines are what was causing the errors coming back from rpm but just removing them masks a real problem. If I use awk instead of grep|cut|sed I get this:
[root@tower pci-dss]# rpm -Va | awk '/^.M/ {print $NF}' /var/log/dmesg /var/log/dmesg.old /etc/audit/rules.d/audit.rules /etc/selinux/targeted/active/seusers /etc/selinux/targeted/active/users_extra /etc/pki/ca-trust/extracted/java/cacerts /etc/pki/ca-trust/extracted/openssl/ca-bundle.trust.crt /etc/pki/ca-trust/extracted/pem/email-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/objsign-ca-bundle.pem /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/sysconfig/kernel /etc/insights-client/.exp.sed /etc/insights-client/.fallback.json /etc/insights-client/.fallback.json.asc /etc/insights-client/cert-api.access.redhat.com.pem /etc/insights-client/insights-client.conf /etc/insights-client/redhattools.pub.gpg [truncated]
Which solves the blank line issue, which was not causing spurious errors, it was allowing real errors to persist since problem files were being identified but not recorded.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421415012, or mute the thread https://github.com/notifications/unsubscribe-auth/Ah5iv3GKT6-jT5pTGaClEvvOgY_EMeouks5ua9slgaJpZM4WnhV0 .
@Mixer9 as hinted above I am a git-newbie but my git-coach is going to walk me through submitting my fix shortly, if you could stand by for a few minutes I'll get that done.
@cmattern-rht of course, I wasn't trying to push you, I liked your solution it was better than mine for sure. I actually implemented your solution into my playbook after the fact, it worked great.
Thank you, Mixer9
On Fri, Sep 14, 2018, 1:08 PM cmattern-rht notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 as hinted above I am a git-newbie but my git-coach is going to walk me through submitting my fix shortly, if you could stand by for a few minutes I'll get that done.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421440031, or mute the thread https://github.com/notifications/unsubscribe-auth/Ah5iv1IuFHthYhBAWWTkXfp2c2gM8V5Uks5ua_CMgaJpZM4WnhV0 .
No perception of a push there ;-) just the humility of an old dog learning a new trick.
On Sat, Sep 15, 2018 at 11:46 PM Mixer9 notifications@github.com wrote:
@cmattern-rht of course, I wasn't trying to push you, I liked your solution it was better than mine for sure. I actually implemented your solution into my playbook after the fact, it worked great.
Thank you, Mixer9
On Fri, Sep 14, 2018, 1:08 PM cmattern-rht notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 as hinted above I am a git-newbie but my git-coach is going to walk me through submitting my fix shortly, if you could stand by for a few minutes I'll get that done.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421440031 , or mute the thread < https://github.com/notifications/unsubscribe-auth/Ah5iv1IuFHthYhBAWWTkXfp2c2gM8V5Uks5ua_CMgaJpZM4WnhV0
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421685638, or mute the thread https://github.com/notifications/unsubscribe-auth/AkyMt_zoEazY7vaTvRMzBpBrW48y_QMBks5ubcmcgaJpZM4WnhV0 .
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
BTW I'm glad it worked well for you, making things work makes old dogs happy...
On Sun, Sep 16, 2018 at 12:05 PM Chuck Mattern cmattern@redhat.com wrote:
No perception of a push there ;-) just the humility of an old dog learning a new trick.
On Sat, Sep 15, 2018 at 11:46 PM Mixer9 notifications@github.com wrote:
@cmattern-rht of course, I wasn't trying to push you, I liked your solution it was better than mine for sure. I actually implemented your solution into my playbook after the fact, it worked great.
Thank you, Mixer9
On Fri, Sep 14, 2018, 1:08 PM cmattern-rht notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 as hinted above I am a git-newbie but my git-coach is going to walk me through submitting my fix shortly, if you could stand by for a few minutes I'll get that done.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421440031 , or mute the thread < https://github.com/notifications/unsubscribe-auth/Ah5iv1IuFHthYhBAWWTkXfp2c2gM8V5Uks5ua_CMgaJpZM4WnhV0
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421685638, or mute the thread https://github.com/notifications/unsubscribe-auth/AkyMt_zoEazY7vaTvRMzBpBrW48y_QMBks5ubcmcgaJpZM4WnhV0 .
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
Hey, does the open-scap github have an IRC channel for questions? If not where would I go just to ask newbie kind of questions?
Chris Mixer9
On Sun, Sep 16, 2018 at 11:23 AM Chuck Mattern notifications@github.com wrote:
BTW I'm glad it worked well for you, making things work makes old dogs happy...
On Sun, Sep 16, 2018 at 12:05 PM Chuck Mattern cmattern@redhat.com wrote:
No perception of a push there ;-) just the humility of an old dog learning a new trick.
On Sat, Sep 15, 2018 at 11:46 PM Mixer9 notifications@github.com wrote:
@cmattern-rht of course, I wasn't trying to push you, I liked your solution it was better than mine for sure. I actually implemented your solution into my playbook after the fact, it worked great.
Thank you, Mixer9
On Fri, Sep 14, 2018, 1:08 PM cmattern-rht notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 as hinted above I am a git-newbie but my git-coach is going to walk me through submitting my fix shortly, if you could stand by for a few minutes I'll get that done.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <
https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421440031
, or mute the thread <
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421685638 , or mute the thread < https://github.com/notifications/unsubscribe-auth/AkyMt_zoEazY7vaTvRMzBpBrW48y_QMBks5ubcmcgaJpZM4WnhV0
.
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421790738, or mute the thread https://github.com/notifications/unsubscribe-auth/Ah5ivw3cYjKwd2mJJ3Jlie-1liPqXAKvks5ubnrogaJpZM4WnhV0 .
-- Chris Hood chris.hood@gmail.com RHCE (RedHat Certified Engineer) RHCVA (RedHat Certified Virtualization Administrator) RHCDS (RedHat Certified Data Center Specialist) C|EH (Certified Ethical Hacker)
@Mixer9 We lurk on #openscap
on Freenode. :)
@Mixer9 or @cmattern-rht can either of you submit a PR? File is here: https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml
If I knew how to do that, I would. I think @cmattern-rht was going to do it, but I can if someone can tell me how.
Mixer9
On Mon, Sep 17, 2018 at 11:24 AM redhatrises notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 or @cmattern-rht https://github.com/cmattern-rht can either of you submit a PR? File is here: https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/software/integrity/software-integrity/rpm_verification/rpm_verify_permissions/ansible/shared.yml
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422080523, or mute the thread https://github.com/notifications/unsubscribe-auth/Ah5iv5mAkBXyUiJCrZGAoWD1J5qOIkXNks5ub8ywgaJpZM4WnhV0 .
-- Chris Hood chris.hood@gmail.com RHCE (RedHat Certified Engineer) RHCVA (RedHat Certified Virtualization Administrator) RHCDS (RedHat Certified Data Center Specialist) C|EH (Certified Ethical Hacker)
This should get you where you need to be:
https://www.open-scap.org/resources/support/
IRC is one of the option near the bottom of the page.
On Mon, Sep 17, 2018 at 10:57 AM Mixer9 notifications@github.com wrote:
Hey, does the open-scap github have an IRC channel for questions? If not where would I go just to ask newbie kind of questions?
Chris Mixer9
On Sun, Sep 16, 2018 at 11:23 AM Chuck Mattern notifications@github.com wrote:
BTW I'm glad it worked well for you, making things work makes old dogs happy...
On Sun, Sep 16, 2018 at 12:05 PM Chuck Mattern cmattern@redhat.com wrote:
No perception of a push there ;-) just the humility of an old dog learning a new trick.
On Sat, Sep 15, 2018 at 11:46 PM Mixer9 notifications@github.com wrote:
@cmattern-rht of course, I wasn't trying to push you, I liked your solution it was better than mine for sure. I actually implemented your solution into my playbook after the fact, it worked great.
Thank you, Mixer9
On Fri, Sep 14, 2018, 1:08 PM cmattern-rht notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 as hinted above I am a git-newbie but my git-coach is going to walk me through submitting my fix shortly, if you could stand by for a few minutes I'll get that done.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <
https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421440031
, or mute the thread <
.
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <
https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421685638
,
or mute the thread <
.
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-421790738 , or mute the thread < https://github.com/notifications/unsubscribe-auth/Ah5ivw3cYjKwd2mJJ3Jlie-1liPqXAKvks5ubnrogaJpZM4WnhV0
.
-- Chris Hood chris.hood@gmail.com RHCE (RedHat Certified Engineer) RHCVA (RedHat Certified Virtualization Administrator) RHCDS (RedHat Certified Data Center Specialist) C|EH (Certified Ethical Hacker)
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422049071, or mute the thread https://github.com/notifications/unsubscribe-auth/AkyMtxZ_i3GX67ViZ0U5OkdjpNsk2n2Jks5ub7hHgaJpZM4WnhV0 .
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
I'll get to it this evening.
On Mon, Sep 17, 2018 at 1:14 PM Mixer9 notifications@github.com wrote:
If I knew how to do that, I would. I think @cmattern-rht was going to do it, but I can if someone can tell me how.
Mixer9
On Mon, Sep 17, 2018 at 11:24 AM redhatrises notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 or @cmattern-rht https://github.com/cmattern-rht can either of you submit a PR? File is here:
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422080523 , or mute the thread < https://github.com/notifications/unsubscribe-auth/Ah5iv5mAkBXyUiJCrZGAoWD1J5qOIkXNks5ub8ywgaJpZM4WnhV0
.
-- Chris Hood chris.hood@gmail.com RHCE (RedHat Certified Engineer) RHCVA (RedHat Certified Virtualization Administrator) RHCDS (RedHat Certified Data Center Specialist) C|EH (Certified Ethical Hacker)
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422097203, or mute the thread https://github.com/notifications/unsubscribe-auth/AkyMtz_jrrMsSXeX-iUUAcW-fr46Quixks5ub9iOgaJpZM4WnhV0 .
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
Apologies, more involved than I realized, I'll get it done, won't be complete tonight, thanks for the chance to contribute.
On Mon, Sep 17, 2018 at 4:35 PM Chuck Mattern cmattern@redhat.com wrote:
I'll get to it this evening.
On Mon, Sep 17, 2018 at 1:14 PM Mixer9 notifications@github.com wrote:
If I knew how to do that, I would. I think @cmattern-rht was going to do it, but I can if someone can tell me how.
Mixer9
On Mon, Sep 17, 2018 at 11:24 AM redhatrises notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 or @cmattern-rht https://github.com/cmattern-rht can either of you submit a PR? File is here:
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422080523 , or mute the thread < https://github.com/notifications/unsubscribe-auth/Ah5iv5mAkBXyUiJCrZGAoWD1J5qOIkXNks5ub8ywgaJpZM4WnhV0
.
-- Chris Hood chris.hood@gmail.com RHCE (RedHat Certified Engineer) RHCVA (RedHat Certified Virtualization Administrator) RHCDS (RedHat Certified Data Center Specialist) C|EH (Certified Ethical Hacker)
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422097203, or mute the thread https://github.com/notifications/unsubscribe-auth/AkyMtz_jrrMsSXeX-iUUAcW-fr46Quixks5ub9iOgaJpZM4WnhV0 .
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
I submitted a PR today, it should be taken care of.
Mixer9
On Mon, Sep 17, 2018, 7:29 PM Chuck Mattern notifications@github.com wrote:
Apologies, more involved than I realized, I'll get it done, won't be complete tonight, thanks for the chance to contribute.
On Mon, Sep 17, 2018 at 4:35 PM Chuck Mattern cmattern@redhat.com wrote:
I'll get to it this evening.
On Mon, Sep 17, 2018 at 1:14 PM Mixer9 notifications@github.com wrote:
If I knew how to do that, I would. I think @cmattern-rht was going to do it, but I can if someone can tell me how.
Mixer9
On Mon, Sep 17, 2018 at 11:24 AM redhatrises notifications@github.com wrote:
@Mixer9 https://github.com/Mixer9 or @cmattern-rht https://github.com/cmattern-rht can either of you submit a PR? File is here:
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <
https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422080523
, or mute the thread <
.
-- Chris Hood chris.hood@gmail.com RHCE (RedHat Certified Engineer) RHCVA (RedHat Certified Virtualization Administrator) RHCDS (RedHat Certified Data Center Specialist) C|EH (Certified Ethical Hacker)
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub < https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422097203 , or mute the thread < https://github.com/notifications/unsubscribe-auth/AkyMtz_jrrMsSXeX-iUUAcW-fr46Quixks5ub9iOgaJpZM4WnhV0
.
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
--
CHUCK MATTERN
PRINCIPAL SOLUTION ARCHITECT, RHCE
Red Hat
cmattern@redhat.com T: 678.590.2344
RED HAT | DIFFERENT FOR THE SAKE OF BETTER TECHNOLOGY
Find out why every airline, telecom, commercial bank, healthcare and financial data services company in the Fortune 500 rely on Red Hat,
Trusted | Red Hat http://www.redhat.com/en/about/trusted
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ComplianceAsCode/content/issues/3318#issuecomment-422213939, or mute the thread https://github.com/notifications/unsubscribe-auth/Ah5ivxjJtAGxVeP4pQu1Yf_LRFs9BuqJks5ucD59gaJpZM4WnhV0 .
Apologies, more involved than I realized, I'll get it done, won't be complete tonight, thanks for the chance to contribute.
@cmattern-rht if you see other issues, please feel free to submit a PR.
This should be fixed in #3333, #3341, and #3328
Description of problem:
Correct file permissions with RPM Ansible play throws errors for empty lines returned. The one liner that is used returns empty lines and then the "rpm --setperms" command fails.
SCAP Security Guide Version:
Name : scap-security-guide Arch : noarch Version : 0.1.36 Release : 9.el7_5 Size : 61 M
Operating System Version:
Red Hat Enterprise Linux Server release 7.5 (Maipo)
Steps to Reproduce:
This is from the Anisble playbook that is created from the generate
Expected Results:
To not return empty lines then the 'rpm --setperms' command will not fail
Addition Information/Debugging Steps:
Here is an easy fix to this issue, I just added a pipe (|) and another sed at the end to remove blank lines. I would provide a patch, but I don't know what file create the Ansible fix in order to edit it and send back the patch.
rpm -Va | grep '^.M' | cut -d ' ' -f5- | sed -r 's;^.*\s+(.+);\1;g'|sed -e '/^$/d'
EDIT by @mpreisler: formatting