Bug #34554
closedUploading external DISA SCAP content to satellite 6.10 fails with exception "Invalid SCAP file type"
Description
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=2053478
Description of problem:
Uploading external DISA SCAP content to satellite 6.10 fails with the exception "Invalid SCAP content type"
Sources from where the content was derived:-
https://public.cyber.mil/stigs/scap/
https://cyber.mil/stigs/scap/
Version-Release number of selected component (if applicable):
6.10.2
How reproducible:
100%
Steps to Reproduce:
1. Satellite GUI > Hosts > Scap Contents
2. Provide a name, set Organization and location
3. Choose to upload the file U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark.xml
Actual results:
Failed with Error:- Failed to save: Scap file Invalid SCAP file type
Logs:- =========
> /var/log/foreman/production.log <2022-02-11T06:27:03 [I|app|14a97a45] Started POST "/compliance/scap_contents" for 10.74.8.47 at 2022-02-11 06:27:03 -0500
2022-02-11T06:27:03 [I|app|14a97a45] Processing by ScapContentsController#create as HTML
2022-02-11T06:27:03 [I|app|14a97a45] Parameters: {"utf8"=>"✓", "authenticity_token"=>"vNsQp6nW07PjcUdVargJdZj9+GCfEqXO6+yv8Dpphal377z9rmNUsZY3ro13r8lzrLdzIb/KUzjxe63MCryY3A==", "scap_content"=>{"title"=>"U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark.xml", "scap_file"=>"[FILTERED]", "location_ids"=>["", "2"], "organization_ids"=>["", "1"]}, "commit"=>"Submit"}
2022-02-11T06:27:03 [D|tax|14a97a45] Current location set to GSS
2022-02-11T06:27:03 [D|tax|14a97a45] Current organization set to RedHat
2022-02-11T06:27:04 [E|app|14a97a45] Failed to save: Scap file Invalid SCAP file type
2022-02-11T06:27:04 [I|app|14a97a45] Rendering /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-4.3.3/app/views/scap_contents/new.html.erb within layouts/application
2022-02-11T06:27:04 [I|app|14a97a45] Rendered taxonomies/_loc_org_tabs.html.erb (Duration: 12.3ms | Allocations: 4123)
2022-02-11T06:27:04 [I|app|14a97a45] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-4.3.3/app/views/scap_contents/_form.html.erb (Duration: 21.1ms | Allocations: 10509)
2022-02-11T06:27:04 [I|app|14a97a45] Rendered /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-4.3.3/app/views/scap_contents/new.html.erb within layouts/application (Duration: 23.1ms | Allocations: 11678)
2022-02-11T06:27:04 [I|app|14a97a45] Rendered layouts/_application_content.html.erb (Duration: 1.9ms | Allocations: 1324)
2022-02-11T06:27:04 [D|app|14a97a45] [[1;32mDeface:[[0m 3 overrides found for 'layouts/base'
2022-02-11T06:27:04 [D|app|14a97a45] [[1;32mDeface:[[0m 'theme_react_root' matched 1 times with 'body'
2022-02-11T06:27:04 [I|app|14a97a45] [[1;32mDeface: [WARNING][[0m No :original defined for 'theme_react_root', you should change its definition to include:
14a97a45 | :original => 'faac6c90abe8438bc58ea181c88ba0ed95ef7ff8'
Expected results:
External SCAP Content derived from an external source should be compatible with the satellite 6.10 version.
Additional info:
=> Tried to upload the same content in satellite 6.9 as well as in the older version of satellite, it uploaded successfully.
Tried to verify the content in satellite CLI, it is working as expected:-
~~~~~~~~~~~~~~~~~~~
tmp]# oscap ds sds-validate U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark.xml
~~~~~~~~~~~~~~~~~~~
tmp]# oscap info U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark.xml
Document type: Source Data Stream
Imported: 2022-02-09T15:14:01
Stream: scap_mil.disa.stig_datastream_U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark
Generated: 2022-01-01T20:00:07
Version: 1.2
Checklists:
Ref-Id: scap_mil.disa.stig_cref_U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark-xccdf.xml
Status: accepted
Generated: 2021-12-02
Resolved: false
Profiles:
~~~~~~~~~~~~~~~~~~~
tmp]# oscap xccdf eval --datastream-id scap_mil.disa.stig_datastream_U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark U_RHEL_7_V3R6_STIG_SCAP_1-2_Benchmark.xml
Title The Red Hat Enterprise Linux operating system must display the Standard Mandatory DoD Notice and Consent Banner before granting local or remote access to the system via a graphical user logon.
Rule xccdf_mil.disa.stig_rule_SV-204393r603261_rule
Ident CCE-26970-4
Ident V-71859
Ident SV-86483
Ident CCI-000048
Result pass
~~~~~~~~~~~~~~~~~~~
Updated by The Foreman Bot about 2 years ago
- Status changed from New to Ready For Testing
- Assignee set to Marek Hulán
- Pull request https://github.com/theforeman/smart_proxy_openscap/pull/87 added
Updated by The Foreman Bot about 2 years ago
- Fixed in Releases smart_proxy_openscap 0.9.2 added
Updated by Marek Hulán about 2 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset smart_proxy_openscap|6e5d86c4f0a03e347ed90fe52d169598df3783cc.