Just curious but would a `yum reinstall` work?
On Tue, Nov 24, 2015 at 11:52 AM, Shawn Wells <[email protected]> wrote:
>
>
> On 11/24/15 1:32 PM, Shawn Wells wrote:
>
>> Running on RHEL 7.2, receiving "No definition with ID: ...." errors.
>> Known issue?
>>
>>
>>
>>
>> # cat /etc/redhat-release
>> Red Hat Enterprise Linux Server release 7.2 (Maipo)
>>
>> # yum -y install openscap-scanner scap-security-guide
>>
>> # rpm -qv openscap-scanner scap-security-guide
>> openscap-scanner-1.2.5-3.el7.x86_64
>> scap-security-guide-0.1.25-3.el7.noarch
>>
>> # oscap info /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
>> .......
>> Profiles:
>> .........
>> xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream
>>
>> # oscap xccdf eval --profile
>> xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream \
>> > /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
>>
>> ........
>> Title Enable SSH Warning Banner
>> Rule xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner
>> Ident CCE-27314-4
>> Result unknown
>>
>> Title Create Warning Banners for All FTP Users
>> Rule xccdf_org.ssgproject.content_rule_ftp_present_banner
>> Ident CCE-RHEL7-CCE-TBD
>> Result pass
>>
>> OpenSCAP Error: Probe at sd=4 (systemdunitdependency) reported an error:
>> Unknown error [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:691 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:749 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:231 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:349 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:288 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:217 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:751 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:546 in result model.
>> [oval_agent.c:188]
>> Probe at sd=4 (systemdunitdependency) reported an error: Unknown error
>> [oval_probe_ext.c:393]
>> Unable to receive a message from probe [oval_probe_ext.c:579]
>> No definition with ID: oval:ssg:def:319 in result model.
>> [oval_agent.c:188]
>>
>
> FYI, I get these errors whether using SSG in RHEL or cloning upstream.
> Associated to the same rules on both.
>
> Rebuilt a fresh 7.2 and these went away .... but not sure why they
> happened in the first place.
>
> oval:ssg:def:691 -> service_autofs_disabled
> oval:ssg:def:749 -> service_rsyslog_enabled
> oval:ssg:def:231 -> service_abrtd_disabled
> oval:ssg:def:349 -> service_ntpdate_disabled
> oval:ssg:def:288 -> service_oddjobd_disabled
> oval:ssg:def:217 -> service_qpidd_disabled
> oval:ssg:def:751 -> service_rdisc_disabled
> oval:ssg:def:546 -> service_atd_disabled
> oval:ssg:def:319 -> sshd_enable_warning_banner
>
> When cloning and running testcheck service_autofs_disabled:
>
>> # ./testcheck.py oval_5.11/service_autofs_disabled.xml
>> Evaluating with OVAL tempfile : /tmp/service_autofs_disabledHfiaEu.xml
>> Writing results to : /tmp/service_autofs_disabledHfiaEu.xml-results
>> File '/tmp/service_autofs_disabledHfiaEu.xml' line 40: Element '{
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_test':
>> This element is not expected.
>> File '/tmp/service_autofs_disabledHfiaEu.xml' line 48: Element '{
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_object':
>> This element is not expected.
>> File '/tmp/service_autofs_disabledHfiaEu.xml' line 52: Element '{
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#linux}systemdunitdependency_state':
>> This element is not expected. Expected is one of ( {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5}state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#aix}interim_fix_state,
>> {http://oval.mitre.org/XMLSchema/oval-definitions-5#aix}fileset_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#aix}fix_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#aix}no_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#aix}oslevel_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#apache}httpd_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#catos}line_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#catos}module_state, {
>> http://oval.mitre.org/XMLSchema/oval-definitions-5#catos}version55_state
>> ).
>> File '/tmp/service_autofs_disabledHfiaEu.xml' line 19: Element '{
>> http://oval.mitre.org/XMLSchema/oval-definitions-5}criterion': No match
>> found for key-sequence ['oval:scap-security-guide.testing:tst:109'] of
>> keyref '{http://oval.mitre.org/XMLSchema/oval-definitions-5}testKeyRef'.
>> OpenSCAP Error: Invalid OVAL Definition (5.10) content in
>> /tmp/service_autofs_disabledHfiaEu.xml. [oscap_source.c:205]
>>
>> Error launching 'oscap' command:
>> oscap oval eval --results
>> /tmp/service_autofs_disabledHfiaEu.xml-results
>> /tmp/service_autofs_disabledHfiaEu.xml
>>
>
> However, on the "working RHEL 7.2" VM, ./testcheck runs perfectly fine (as
> does the overall scan).
>
> Scratching my head on this one... two systems, same versions of openscap &
> ssg, but getting these errors on one of them. Same hardware resources (2x
> CPU, 2048 memory). Any pointers?
>
> --
> SCAP Security Guide mailing list
> [email protected]
>
> https://lists.fedorahosted.org/admin/lists/[email protected]
> https://github.com/OpenSCAP/scap-security-guide/
>
--
SCAP Security Guide mailing list
[email protected]
https://lists.fedorahosted.org/admin/lists/[email protected]
https://github.com/OpenSCAP/scap-security-guide/
