On 11/24/2015 07:32 PM, Shawn Wells wrote:
Running on RHEL 7.2, receiving "No definition with ID: ...." errors. Known issue?# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.2 (Maipo) # yum -y install openscap-scanner scap-security-guide # rpm -qv openscap-scanner scap-security-guide openscap-scanner-1.2.5-3.el7.x86_64 scap-security-guide-0.1.25-3.el7.noarch # oscap info /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml ....... Profiles: ......... xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream # oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_stig-rhel7-server-upstream \ > /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml ........ Title Enable SSH Warning Banner Rule xccdf_org.ssgproject.content_rule_sshd_enable_warning_banner Ident CCE-27314-4 Result unknown Title Create Warning Banners for All FTP Users Rule xccdf_org.ssgproject.content_rule_ftp_present_banner Ident CCE-RHEL7-CCE-TBD Result pass OpenSCAP Error: Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:691 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393]
Seems that /usr/libexec/openscap/probe_systemdunitdependency has died on your specific set-up. This is definitely issue in OpenSCAP not the SSG.
If I was to debug this, I would try to run the same command with the latest OpenSCAP from git.
If I was lucky, and the probe still fails. I would use the debug/verbose mode to learn more about what the probe is trying to achieve here.
Best, ~š.
Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:749 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:231 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:349 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:288 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:217 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:751 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:546 in result model. [oval_agent.c:188] Probe at sd=4 (systemdunitdependency) reported an error: Unknown error [oval_probe_ext.c:393] Unable to receive a message from probe [oval_probe_ext.c:579] No definition with ID: oval:ssg:def:319 in result model. [oval_agent.c:188] -- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected] https://github.com/OpenSCAP/scap-security-guide/
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected] https://github.com/OpenSCAP/scap-security-guide/
