Open lucab85 opened 11 months ago
Workaround Playbook:
---
- name: RHEL9 CIS Audit
hosts: all
become: true
roles:
- name: "RHEL9-CIS"
vars:
setup_audit: true
run_audit: true
goss_url: https://github.com/goss-org/goss/releases/download/v0.3.23/goss-linux-arm64
goss_version:
release: v0.3.23
checksum: 'sha256:7b0794fa590857e7d64ef436e1a100ca26f6039f269a6138009aa837d27d7f9e'
hi @lucab85
Thank you for taking the time raise this issue and highlight the problem you are having. That is indeed a great catch as these benchmarks are only written in they way they are provided against an x86 system. This is a definite improvement with more users moving to arm based chips with both MAC and pi systems. I will add this to make the goss binary work although i feel there could be other inconsistencies especially with the auditd.
One to be added to roadmap for enhancements
many thanks
uk-bolly
We're getting the same error in a x86_64 Rocky Linux 9.2 build. So far we've not figured out what changed since it was last successful in early Sept 2023.
Versions: python version = 3.11.2 ansible [core 2.14.2] (ansible-7.2.0-1 package) goss version v0.3.21 (also tried with 0.3.23: "OK - Goss is installed and version is ok (0.3.23 >= 0.3.21)")
Describe the Issue The CIS audit fails with a syntax error on a fresh RHEL 9.2 machine on ARM64 architecture.
Expected Behavior I expect the audit result of the CIS benchmark.
Actual Behavior
Control(s) Affected What controls are being affected by the issue
Environment (please complete the following information):
Additional Notes
audit.yml Playbook
host:
Possible Solution Fix the syntax error in
pre_remediation_audit.yml