I have been trying to run an open-scap check on a registered machine, and I get
an error which looks like a pgsql error which I cannot work out.
I have setup an audit event to run the following:
/usr/bin/oscap xccdf eval
With the path to document on the client:
/usr/share/scap-content/first_xccdf.xml
And the event has been sent to the client. However when on the client I run
rhn_check –vvvv
I get:
# rhn_check -vvvv
D: opening db environment /var/lib/rpm cdb:mpool:joinenv
D: opening db index /var/lib/rpm/Packages rdonly mode=0x0
D: locked db index /var/lib/rpm/Packages
D: loading keyring from pubkeys in /var/lib/rpm/pubkeys/*.key
D: couldn't find any keys in /var/lib/rpm/pubkeys/*.key
D: loading keyring from rpmdb
D: opening db index /var/lib/rpm/Name rdonly mode=0x0
D: added key gpg-pubkey-66fd4949-4803fe57 to keyring
D: added key gpg-pubkey-c105b9de-4e0fd3a3 to keyring
D: added key gpg-pubkey-4bd6ec30-4c37bb40 to keyring
D: added key gpg-pubkey-0608b895-4bd22942 to keyring
D: added key gpg-pubkey-863a853d-4f55f54d to keyring
D: Using legacy gpg-pubkey(s) from rpmdb
D: opening db index /var/lib/rpm/Providename rdonly mode=0x0
D: check_action{'action': "<?xml
version='1.0'?>\n<methodCall>\n<methodName>scap.xccdf_eval</methodName>\n<params>\n<param>\n<value><struct>\n<member>\n<name>path</name>\n<value><string>/usr/share/scap-content/first_xccdf.xml</string></value>\n</member>\n<member>\n<name>params</name>\n<value><string></string></value>\n</member>\n<member>\n<name>id</name>\n<value><int>276</int></value>\n</member>\n<member>\n<name>file_size</name>\n<value><int>0</int></value>\n</member>\n</struct></value>\n</param>\n</params>\n</methodCall>\n",
'version': 2, 'id': 276}
updateLoginInfo() login info
D: login(forceUpdate=True) invoked
logging into up2date server
D: rpcServer: Calling XMLRPC up2date.login
D: writeCachedLogin() invoked
D: Wrote pickled loginInfo at 1399848298.96 with expiration of 1399851898.96
seconds.
successfully retrieved authentication token from up2date server
D: logininfo:{'X-RHN-Server-Id': 1000010032, 'X-RHN-Auth-Server-Time':
'1399848298.94', 'X-RHN-Auth': 'CMqTqCi+0SDl8q3BhfHMIQ==',
'X-RHN-Auth-Channels': [['sb-latest-channel', '20140509151111', '1', '1'], ['',
'20140512013000', '0', '1'], ['', '20140512014643', '0', '1'], ['',
'20140512015404', '0', '1'], [', '20140512014632', '0', '1'], ['',
'20140512015359', '0', '1'], ['', '20140512075715', '0', '1']],
'X-RHN-Auth-User-Id': '', 'X-RHN-Auth-Expire-Offset': '3600.0'}
D: handle_action{'action': "<?xml
version='1.0'?>\n<methodCall>\n<methodName>scap.xccdf_eval</methodName>\n<params>\n<param>\n<value><struct>\n<member>\n<name>path</name>\n<value><string>/usr/share/scap-content/first_xccdf.xml</string></value>\n</member>\n<member>\n<name>params</name>\n<value><string></string></value>\n</member>\n<member>\n<name>id</name>\n<value><int>276</int></value>\n</member>\n<member>\n<name>file_size</name>\n<value><int>0</int></value>\n</member>\n</struct></value>\n</param>\n</params>\n</methodCall>\n",
'version': 2, 'id': 276}
D: handle_action actionid = 276, version = 2
D: do_call scap.xccdf_eval({'path': '/usr/share/scap-content/first_xccdf.xml',
'params': '', 'id': 276, 'file_size': 0},){'cache_only': None}
D: Running: ['/usr/bin/oscap', 'xccdf', 'eval', '--results', '/tmp/tmpNj5pa7',
'/usr/share/scap-content/first_xccdf.xml']
D: The oscap tool completed
D: Running: ['/usr/bin/xsltproc', '--output', '/tmp/tmpUJ16az',
'/usr/share/openscap/xsl/xccdf-resume.xslt', '/tmp/tmpNj5pa7']
D: The xsltproc tool completed:
D: Sending back response(0, 'openscap scan completed', {'errors': '', 'resume':
‘PD94bWwgdmVyc2…..8aW5mb3JtYXRpb25hbC8+PGZpeGVkLz48L1Rlc3RSZXN1bHQ+PC9i\nZW5jaG1hcmstcmVzdW1lPgo=\n'})
XMLRPC ProtocolError: <ProtocolError for the.url.com /XMLRPC: 500 Internal
Server Error>
D: closed db index /var/lib/rpm/Providename
D: closed db index /var/lib/rpm/Name
D: closed db index /var/lib/rpm/Packages
D: closed db environment /var/lib/rpm
And on the server I see the following error:
==> rhn_server_xmlrpc.log <==
2014/05/12 08:44:58 +11:00 62663 192.168.8.60: xmlrpc/queue.get(1000010032, 2,
'checkins enabled')
2014/05/12 08:44:58 +11:00 59639 192.168.8.60: xmlrpc/up2date.login(1000010032,)
2014/05/12 08:45:00 +11:00 59638 192.168.8.60: xmlrpc/queue.submit(1000010032,
276, 0)
2014/05/12 08:45:01 +11:00 59638 192.168.8.60:
server/apacheRequest.call_function('ERROR', 'Unhandled exception',
IntegrityError('new row for relation "rhnxccdfprofile" violates check
constraint "vn_rhnxccdfprofile_identifier"\nCONTEXT: Error occurred on dblink
connection named "at_conn": could not execute command.\nSQL statement "SELECT
dblink_exec(\'at_conn\', $1 , true)"\nPL/pgSQL function "pg_dblink_exec" line
7 at PERFORM\nSQL statement "SELECT pg_dblink_exec( \'insert into
rhnXccdfProfile (id, identifier, title) values (\' || $1 || \', \' ||
coalesce(quote_literal( $2 ), \'NULL\') || \', \' || coalesce(quote_literal( $3
), \'NULL\') || \')\' )"\nPL/pgSQL function "lookup_xccdf_profile" line 12 at
PERFORM\n',))
Sent by:
Nick Beagley
e: [email protected]
a: level 11-12, 410 collins street, melbourne, australia 3000
p: 1300 633 233
f: +61 3 9670 6110
www.odecee.com.au
Odecee Pty Ltd - ABN 52 103 811 732. This email may contain confidential
information. If you are not the intended recipient, please immediately notify
us at [email protected] or by replying to the sender, and then destroy
all copies of this email. Except where this email indicates otherwise, views
expressed in this email are those of the sender and not of Odecee Pty Ltd.
Odecee Pty Ltd does not represent that this email is free of errors, viruses or
interference.
From: Nicholas Beagley <[email protected]<mailto:[email protected]>>
Date: Monday, 12 May 2014 8:59 am
To: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: rhn_check error with open-scap run
Sent by:
Nick Beagley
e: [email protected]
a: level 11-12, 410 collins street, melbourne, australia 3000
p: 1300 633 233
f: +61 3 9670 6110
www.odecee.com.au
Odecee Pty Ltd - ABN 52 103 811 732. This email may contain confidential
information. If you are not the intended recipient, please immediately notify
us at [email protected]<mailto:[email protected]> or by replying
to the sender, and then destroy all copies of this email. Except where this
email indicates otherwise, views expressed in this email are those of the
sender and not of Odecee Pty Ltd. Odecee Pty Ltd does not represent that this
email is free of errors, viruses or interference.
_______________________________________________
Spacewalk-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/spacewalk-list
