[Open-scap] systemdunitproperty_test issue
Martin Preisler
mpreisle at redhat.com
Mon Sep 1 12:53:39 UTC 2014
----- Original Message -----
> From: "Shawn Wells" <shawn at redhat.com>
> To: open-scap-list at redhat.com
> Sent: Sunday, August 31, 2014 7:39:27 AM
> Subject: Re: [Open-scap] systemdunitproperty_test issue
>
> On 8/30/14, 6:42 AM, Simon Lukasik wrote:
> > On 08/29/2014 04:56 AM, Simon Lukasik wrote:
> >> Hello Guys,
> >>
> >> I have messing with systemdunitproperty. I got oscap to the point that
> >> it prints out:
> >>
> >> Failed to import the OVAL Definitions from
> >> 'output/ssg-rhel6-oval.xml'.
> >> OpenSCAP Error: Unable to open file: 'output/ssg-rhel6-oval.xml'
> >> [oscapxml.c:573]
> >> No such file or directory 'output/ssg-rhel6-oval.xml'
> >> [oval_defModel.c:232]
> >
> > Och, I've pasted wrong error message. I was nervous about draining
> > battery. The error message I saw was:
> >
> > Definition oval:ssg:def:743: not evaluated
> > OpenSCAP Error: Probe at sd=4 (systemdunitdependency) reported an
> > error: Operation not supported [./oval_probe_ext.c:525]
> > No definition with ID: oval:ssg:def:743 in result model.
> > [oval_agent.c:184]
> >
> > The reproducer remains the same. Thanks!
>
> One step missing from the reproducer... checkout the systemd branch
>
>
> $ git clone git at github.com:isimluk/scap-security-guide.git systemd
> *$ git checkout remotes/origin/systemd*
> $ cd systemd/RHEL/6/
> $ make content
> $ #service_quota_nld_disabled
> $ oscap oval eval --skip-valid --id oval:ssg:def:743
> output/ssg-rhel6-oval.xml
> Failed to import the OVAL Definitions from 'output/ssg-rhel6-oval.xml'.
> OpenSCAP Error: Unknown test type oval:ssg:tst:3202. [oval_test.c:369]
> $ # service_auditd_enabled
> $ oscap oval eval --skip-valid --id oval:ssg:def:973
> output/ssg-rhel6-oval.xml
> Failed to import the OVAL Definitions from 'output/ssg-rhel6-oval.xml'.
> OpenSCAP Error: Unknown test type oval:ssg:tst:3202. [oval_test.c:369]
>
> tst:3202 is below:
> > <linux:systemdunitproperty_test check="all"
> > check_existence="any_exist" comment="systemd test"
> > id="oval:ssg:tst:3202" version="1">
> > <linux:object object_ref="oval:ssg:obj:3212"/>
> > <linux:state state_ref="oval:ssg:ste:3213"/>
> > </linux:systemdunitproperty_test>
>
> I'm on RHEL 6 / openscap-utils-1.0.8-1.el6_5.x86_64
Just one useful tip I have forgotten to mention. You can run `oscap -V` to
check which OVAL objects are supported by the openscap you have installed.
The following output is from openscap from the master branch in our git
repository. Please ignore the paths, it is not installed system-wide.
$ oscap -V
OpenSCAP command line tool (oscap) 1.1.0
Copyright 2009--2014 Red Hat Inc., Durham, North Carolina.
==== Supported specifications ====
XCCDF Version: 1.2
OVAL Version: 5.10.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
==== Capabilities added by auto-loaded plugins ====
SCE Version: 1.0 (from libopenscap_sce.so.8)
==== Paths ====
Schema files: /home/mpreisle/d/openscap/schemas
Default CPE files: /home/mpreisle/d/openscap/cpe
Probes: /home/mpreisle/d/openscap/src/OVAL/probes
==== Inbuilt CPE names ====
Red Hat Enterprise Linux - cpe:/o:redhat:enterprise_linux
Red Hat Enterprise Linux 5 - cpe:/o:redhat:enterprise_linux:5
Red Hat Enterprise Linux 6 - cpe:/o:redhat:enterprise_linux:6
Red Hat Enterprise Linux 7 - cpe:/o:redhat:enterprise_linux:7
Community Enterprise Operating System 5 - cpe:/o:centos:centos:5
Community Enterprise Operating System 6 - cpe:/o:centos:centos:6
Community Enterprise Operating System 7 - cpe:/o:centos:centos:7
Fedora 16 - cpe:/o:fedoraproject:fedora:16
Fedora 17 - cpe:/o:fedoraproject:fedora:17
Fedora 18 - cpe:/o:fedoraproject:fedora:18
Fedora 19 - cpe:/o:fedoraproject:fedora:19
Fedora 20 - cpe:/o:fedoraproject:fedora:20
Fedora 21 - cpe:/o:fedoraproject:fedora:21
Fedora 22 - cpe:/o:fedoraproject:fedora:22
Red Hat Enterprise Linux Optional Productivity Applications - cpe:/a:redhat:rhel_productivity
Red Hat Enterprise Linux Optional Productivity Applications 5 - cpe:/a:redhat:rhel_productivity:5
==== Supported OVAL objects and associated OpenSCAP probes ====
system_info probe_system_info
family probe_family
filehash probe_filehash
environmentvariable probe_environmentvariable
textfilecontent54 probe_textfilecontent54
textfilecontent probe_textfilecontent
variable probe_variable
xmlfilecontent probe_xmlfilecontent
environmentvariable58 probe_environmentvariable58
filehash58 probe_filehash58
inetlisteningservers probe_inetlisteningservers
rpminfo probe_rpminfo
partition probe_partition
iflisteners probe_iflisteners
rpmverify probe_rpmverify
rpmverifyfile probe_rpmverifyfile
rpmverifypackage probe_rpmverifypackage
selinuxboolean probe_selinuxboolean
selinuxsecuritycontext probe_selinuxsecuritycontext
systemdunitproperty probe_systemdunitproperty
systemdunitdependency probe_systemdunitdependency
file probe_file
interface probe_interface
password probe_password
process probe_process
runlevel probe_runlevel
shadow probe_shadow
uname probe_uname
xinetd probe_xinetd
sysctl probe_sysctl
gconf probe_gconf
routingtable probe_routingtable
--
Martin Preisler
More information about the Open-scap-list
mailing list