search

OpenSCAP / scap-workbench

SCAP Scanner And Tailoring Graphical User Interface
https://www.open-scap.org/tools/scap-workbench
GNU General Public License v3.0
223 stars 65 forks source link

Ansible remediation for systemd-journald has invalid syntax because of quotation marks #315

Closed Maddss closed 9 months ago

Maddss commented 9 months ago

When generating an Ansible remediation script using the SCAP workbench there seems to be invalid syntax in systemd-journald configuration: xccdf_org.ssgproject.content_rule_journald_compress xccdf_org.ssgproject.content_rule_journald_forward_to_syslog xccdf_org.ssgproject.content_rule_journald_storage

For Example: line: ForwardToSyslog="yes" should be ForwardToSyslog=yes without quotation marks This breaks the remediation as the settings don't work with quotation marks. OpenSCAP scanner also checks these settings without quotation marks and returns them as failed.

tags: CCE-85931-4 CCE-85996-7 CCE-86046-0

evgenyz commented 9 months ago

The remediations themselves belong to CaC project (ssg). This is the place to open an issue: https://github.com/ComplianceAsCode/content/issues. (Please follow the template and fill all the information required to identify the problem).