Project

General

Profile

Actions
Copy link

action #173578

closed

[security][QU] new failing rules in oscap_ansible_stig in 15-SP6 QU only

Added by frantisek.simorda 9 days ago. Updated 1 day ago.

Status:
Resolved
Priority:
Normal
Assignee:
viktors.trubovics
Category:
Bugs in existing tests
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
8.00 h
Difficulty:
Tags:
qu, oscap

Description

Observation

openQA test in scenario sle-15-SP6-Online-QR-aarch64-oscap_bash_anssi_bp28_high@aarch64 fails in
oscap_xccdf_eval#2

Newer link: https://openqa.suse.de/tests/16039882

#Pattern \bfail\b count in file stdout.txt is 4, expected 3. Failed rules:
xccdf_org.ssgproject.content_rule_aide_scan_notification, CCE-91214-7
xccdf_org.ssgproject.content_rule_accounts_passwords_pam_tally2, CCE-85554-4
xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass,
xccdf_org.ssgproject.content_rule_accounts_password_pam_retry,

#Expected 3 rules to fail:
xccdf_org.ssgproject.content_rule_aide_scan_notification
xccdf_org.ssgproject.content_rule_accounts_password_pam_minclass
xccdf_org.ssgproject.content_rule_accounts_password_pam_retry

#Rules failed (not in expected list):
xccdf_org.ssgproject.content_rule_accounts_passwords_pam_tally2

RULES PASSED, but are in expected to fail list:

Actions
Copy link
 #1

Updated by tjyrinki_suse 8 days ago

  • Estimated time set to 8.00 h
Actions
Copy link
 #2

Updated by tjyrinki_suse 8 days ago

  • Tags set to oscap
  • Subject changed from [security] new failing rules in oscap_ansible_stig in 15-SP6 to [security] new failing rules in oscap_ansible_stig in 15-SP6 QU only
  • Description updated (diff)
  • Status changed from New to Workable
  • Assignee set to viktors.trubovics
  • Start date deleted (2024-12-02)

Pinging Viktors as this used to pass in 15-SP6 QU Build 104.2 and before.

Note that oscap_bash_anssi_bp28_high is not being executed in the daily 15-SP6 GA tests, so we don't have a comparison reference from there.

Actions
Copy link
 #3

Updated by tjyrinki_suse 8 days ago

  • Tags changed from oscap to oscap, qu
  • Subject changed from [security] new failing rules in oscap_ansible_stig in 15-SP6 QU only to [security][QU] new failing rules in oscap_ansible_stig in 15-SP6 QU only
Actions
Copy link
 #4

Updated by viktors.trubovics 8 days ago

For now I added xccdf_org.ssgproject.content_rule_accounts_passwords_pam_tally2 for SP6 accounts_passwords_pam_tally2 on SP6 bp28_high
Asked Svetlin to look at.

Actions
Copy link
 #5

Updated by viktors.trubovics 1 day ago

  • Status changed from Workable to Resolved

Issue moved to the hardening team backlog, can close here.

Actions
Copy link

Also available in: Atom PDF