Comments (1)
So, I have checked the remediation, OVAL and test scenarios for this rule. I also did some manual tests with the Ansible Playbook and didn't find any issue.
This remediation was recently enabled for RHEL 9 in 5210a71
I found some logs from relevant tests executed about 3 weeks ago, when the remediation was enabled for RHEL9 and this issue was filed. I observed that the dnf-automatic_apply_updates
and dnf-automatic_apply_updates
rules were failing with many other profiles and not only with anssi_bp28_high
.
When investigating the Playbook logs I noticed the dnf-automatic
package was installed by package_dnf-automatic_installed
but, by any reason that I couldn't figure out, the tasks related to remediation in dnf-automatic_apply_updates
and dnf-automatic_apply_updates
were not even part of the Playbook.
Since the tasks were not executed, the automatic.conf
file was not remediated and the default settings were not compliant. Therefore, the check failure was correct.
Surprisingly, checking the most recent tests I can see the Playbook includes these tasks, proper remediate the system and the check pass after remediation. So, for now this issue is no longer present.
I believe these issues manifested only in a very short period of time while the Ansible remediation was enabled and the tests were executed. Maybe it was just an unfortunate issue of synchronization. I am not sure, but the issue seems no longer valid.
I am closing this and the #11773
from content.
Related Issues (20)
- "<" operator in jq filter fails the build HOT 4
- RHEL 8/9 - Unexpected active sessions stop by systemd-logind
- sudo is broken in testing environment with ANSSI High HOT 1
- Possibly add ensure_gpgcheck_local_packages ds_unselect for ANSSI HOT 2
- CIS 1.3.1 Ensure AIDE is installed HOT 4
- CIS 4.1.3.14 Ensure events that modify the system's Mandatory Access Controls are collected
- mount_option_boot_nosuid fails to remediate with Ansible HOT 6
- chronyd_or_ntpd_set_maxpoll is not remediated by Ansible HOT 2
- firewalld_sshd_port_enabled fails to remediate on aarch64 HOT 5
- accounts_umask_etc_bashrc is misaligned with RHEL 9 STIG HOT 4
- `audit_rules_networkconfig_modification_network_scripts` is broken in Automatus
- zipl_bootmap_is_up_to_date is failing after Ansible remediation HOT 2
- test scenarios for firewalld_sshd_port_enabled are failing on RHEL 8.6 HOT 4
- test scenario for service_bluetooth_disabled is not causing expected fail HOT 3
- Should files in /tmp be checked for permissions when using tmpfs?
- OpenSCAP Ubuntu 20.04 STIG Profile Issue with Banner Test HOT 2
- mount_option_nodev_nonroot_local_partitions reported as failing after scan of IB created image HOT 1
- Fedora Workstation 40 Remediations
- aide_use_fips_hashes fails after remediation HOT 1
- Failed on "Set SELinux boolean ssh_sysadm_login accordingly" HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from content.