Project

General

Profile

Actions
Copy link

Bug #20664

open

Oscap should show warning , if scap content and tailoring file's are different

Added by Ondřej Pražák almost 7 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
1482904
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

Steps to Reproduce:
1.Create a scap content for ssg-rhel7-ds.xml , select any scap profile
2.Create a tailoring file for ssg-firefox-ds , select any scap profile
3.Associate these two mutually exclusive files in scap policy

Steps:
hammer> policy info --id 3
Id: 3
Name: rhel7_policy1
Created at: 2017-08-11 11:48:15 UTC
Period: weekly
Weekday: friday
Cron line:
Scap content Id: 4
Scap Content profile Id: 23
Tailoring file Id: 4
Tailoring file profile Id: 146

hammer> scap-content info --id 4
Id: 4
Title: Red Hat rhel7 default content
Created at: 2017-08-09 09:08:32 UTC
Original filename: ssg-rhel7-ds.xml
Scap content profiles:
1) Id: 19
Profile id: xccdf_org.ssgproject.content_profile_standard
Title: Standard System Security Profile
2) Id: 20
Profile id: xccdf_org.ssgproject.content_profile_pci-dss
Title: PCI-DSS v3 Control Baseline for Red Hat Enterprise Linux 7
3) Id: 21
Profile id: xccdf_org.ssgproject.content_profile_C2S
Title: C2S for Red Hat Enterprise Linux 7
4) Id: 22
Profile id: xccdf_org.ssgproject.content_profile_rht-ccp
Title: Red Hat Corporate Profile for Certified Cloud Providers (RH CCP)
5) Id: 23
Profile id: xccdf_org.ssgproject.content_profile_common
Title: Common Profile for General-Purpose Systems
6) Id: 24
Profile id: xccdf_org.ssgproject.content_profile_stig-rhel7-disa
Title: DISA STIG for Red Hat Enterprise Linux 7
7) Id: 25
Profile id: xccdf_org.ssgproject.content_profile_stig-rhevh-upstream
Title: STIG for Red Hat Virtualization Hypervisor
8) Id: 26
Profile id: xccdf_org.ssgproject.content_profile_ospp-rhel7
Title: United States Government Configuration Baseline (USGCB / STIG) - DRAFT
9) Id: 27
Profile id: xccdf_org.ssgproject.content_profile_cjis-rhel7-server
Title: Criminal Justice Information Services (CJIS) Security Policy
10)Id: 28
Profile id: xccdf_org.ssgproject.content_profile_docker-host
Title: Standard Docker Host Security Profile
11)Id: 29
Profile id: xccdf_org.ssgproject.content_profile_nist-800-171-cui
Title: Unclassified Information in Non-federal Information Systems and Organizations (NIST 800-171)
Locations:
Default Location
Organizations:
Default Organization

hammer> tailoring-file info --id 4
Id: 4
Name: tailoring-firefox
Created at: 2017-08-18 11:06:03 UTC
Original filename: ssg-firefox-ds-tailoring.xml
Tailoring file profiles:
1) Id: 146
Profile id: xccdf_org.ssgproject.content_profile_stig-firefox-upstream_customized
Title: Upstream Firefox STIG [CUSTOMIZED]
Locations:
Default Location
Organizations:
Default Organization

Arf-report generated:

arf-report info --id 1560
Id: 1560
Host: Hostdotcom
Reported at: 2017-08-18 11:09:28 UTC
Passed: 0
Failed: 0
Othered: 0
Host Id: 17
Openscap proxy Id: 1
Openscap proxy name: foremandotcom
Locations:
Default Location
Organizations:
Default Organization

Actual results:
No error , but Empty arf-report generated

Expected results:
There should be some kind of warning indicating the problem or it's shouldn't generated a arf-report.

No data to display

Actions
Copy link

Also available in: Atom PDF