The configure_crypto_policy rule is failing after fresh installation of RHEL 8.3 using STIG profile.
The rule is failing because the oval:ssg-variable_crypto_policies_config_file_age:var:1 variable has value 466. Because of that the oval:ssg-test_crypto_policies_updated:tst:1 check from the rule fails and it results to fail of the rule.
SCAP Security Guide Version:
dfa3059
Operating System Version:
RHEL 8.3
Steps to Reproduce:
Install RHEL using STIG profile
After installation, boot system and check configure_crypto_policy rule
Actual Results:
Title
Configure System Cryptography Policy
Rule
xccdf_org.ssgproject.content_rule_configure_crypto_policy
Ident
CCE-80935-0
Result
fail
Expected Results:
Title
Configure System Cryptography Policy
Rule
xccdf_org.ssgproject.content_rule_configure_crypto_policy
Ident
CCE-80935-0
Result
pass
Addition Information/Debugging Steps:
Return code from remediation performed during installation is 0 but the actual result from the remediation is error because result from the check after the remediation is fail.
6358 issue is similar to this one and most likely it is caused by the same cause.
mildas
commented
2 years ago
Description of problem:
The
configure_crypto_policyrule is failing after fresh installation of RHEL 8.3 using STIG profile.The rule is failing because the
oval:ssg-variable_crypto_policies_config_file_age:var:1variable has value466. Because of that theoval:ssg-test_crypto_policies_updated:tst:1check from the rule fails and it results to fail of the rule.SCAP Security Guide Version:
dfa3059
Operating System Version:
RHEL 8.3
Steps to Reproduce:
configure_crypto_policyruleActual Results:
Expected Results:
Addition Information/Debugging Steps:
Return code from remediation performed during installation is 0 but the actual result from the remediation is
errorbecause result from the check after the remediation is fail.6358 issue is similar to this one and most likely it is caused by the same cause.