[Open-scap] RHEL 7 GRUB2 boot password

2018-01-23 Thread Dan White
Scanning some RHEL 7 VM's with the latest/greatest, I am getting a finding against the Boot Loader Password. I set it according to this RHEL 7 System Administrator's Guide page and this Red Hat Solutions page, but the test fails. Details from the report: --

[Open-scap] RHEL 6 - rsyslog vs rsyslog7

2018-01-23 Thread Dan White
Another head-scratcher: RHEL 6 scan brings up findings saying rsyslog is not installed or configured. We are using the rsyslog7 package for compatibility with things like Splunk and LogStash and such. Is there a workaround or should I create a bug/issue about this ? Dan White | d_e_wh..

Re: [Open-scap] [Marketing] RHEL 7 GRUB2 boot password

2018-01-23 Thread Dan White
I doubt it.  These VM's are configured for BIOS boot rather than UEFI An additional item of confuzzlement: A Nessus scan using RHEL 7 STIG v1r3 gives me a "pass" on this test. Something does not match up here. Dan White | d_e_wh...@icloud.com ---

Re: [Open-scap] [Marketing] RHEL 7 GRUB2 boot password

2018-01-23 Thread Pittigher, Raymond
Can this be related to a UEFI boot, which has the location in a different location. Scanning some RHEL 7 VM's with the latest/greatest, I am getting a finding against the Boot Loader Password. I set it according to this RHEL 7 System Administrator's Guide

Re: [Open-scap] RHEL 7 GRUB2 boot password

2018-01-23 Thread Watson Yuuma Sato
On 23/01/18 13:29, Dan White wrote: Scanning some RHEL 7 VM's with the latest/greatest, I am getting a finding against the Boot Loader Password. I set it according to this RHEL 7 System Administrator's Guide page

Re: [Open-scap] RHEL 7 GRUB2 boot password

2018-01-23 Thread Dan White
That helps me trouble shoot. Thanks. I will keep y’all informed. I think I will open a support ticket with Red Hat to attack this from the opposite direction. "Sometimes I think the surest sign that intelligent life exists elsewhere in the universe is that none of it has tried to contact us.

Re: [Open-scap] RHEL 7 GRUB2 boot password

2018-01-23 Thread Dan White
Running "grub2-mkconfig -o /boot/grub2/grub.cfg" without making any other changes made no difference Guess I need to tinker with the /etc/grub.d/01_users configuration file. Dan White | d_e_wh...@icloud.com “Sometimes I think the surest sign th

Re: [Open-scap] RHEL 7 GRUB2 boot password

2018-01-23 Thread Dan White
Something is very wrong here [root@jump-linux7 ~]# cat /etc/grub.d/01_users # ORIGINAL #!/bin/sh -e cat << EOF if [ -f \${prefix}/user.cfg ]; then   source \${prefix}/user.cfg   if [ -n "\${GRUB2_PASSWORD}" ]; then     set superusers="root"     export superusers     password_pbkdf2 root \${GRUB