[Open-scap] Memory allocation errors on RHEL6 with --oval-results
Chuck Atkins
chuck.atkins at kitware.com
Fri Oct 9 19:18:41 UTC 2015
I just filed it as a bug for the scap-security-guide package in RHEL6.
https://bugzilla.redhat.com/show_bug.cgi?id=1270329
- Chuck
On Thu, Oct 8, 2015 at 1:25 PM, Chuck Atkins <chuck.atkins at kitware.com>
wrote:
> Fixed (more or less)
>
> The short version:
> It was a problem with the SSG, not openscap, and is currently fixed
> upstream.
>
> The long version:
> Digging through the results files, the no_files_unowned_by_group test
> (oval:ssg:tst:776), has over 176k tested_item entries. Sure enough, when I
> create a tailoring file for the stig-rhel6-server-upstream profile and only
> disable the no_files_unowned_by_group test, I can use the --oval-results
> option with --report as desired to generate the detailed report and the
> resulting ssg-rhel6-oval.xml.result.xml file is only 1.8M. The good news
> is that It looks like it was an issue with the SSG so I updated to the most
> recent git hash for the SSG and the problem is gone. The older rule tested
> each file separately, outputting success or failure for every file, thus
> spamming the results file, while the new rule uses a single test that only
> outputs the files failing.
>
> It should be noted that this is a problem with the ssg-rhel6-oval.xml
> distributed with the scap-security-guide currently distributed in the RHEL6
> repos and is fixed in the upstream SSG.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20151009/dd81181b/attachment.htm>
More information about the Open-scap-list
mailing list