-
Bug
-
Resolution: Won't Do
-
Normal
-
None
-
rhel-8.6.0
-
None
-
Moderate
-
rhel-sst-security-compliance
-
ssg_security
-
None
-
False
-
-
No
-
None
-
None
-
None
-
If docs needed, set a value
-
-
All
-
None
Description of problem:
While using the openscap policy "CIS Red Hat Enterprise Linux 8 Benchmark for Level1-Server" for the system, it fails for the rule "Ensure All Files Are Owned by a User" for the file which have AD/sssd user. Which means the it does not consider or are aware for file with AD/sssd user and shows them as orphans.
Even as per the rule, running the below command does not show any files which are not owned by user,
- df --local -P | awk
{'if (NR!=1) print $6'}
| sudo xargs -I '{}' find '{}' -xdev -nouser
- find PARTITION -xdev -nouser
This happens with both openscap scan done by console.redhat.com and Red Hat Satellite
Version-Release number of selected component (if applicable):
Openscap
scap-security-guide
How reproducible:
Steps to Reproduce:
1. Attach the systems to policy "CIS Red Hat Enterprise Linux 8 Benchmark for Level1-Server"
2. The system should have files owned by AD/sssd user
3. Run the scap on the system
Actual results:
The rule does not consider files owned by AD/sssd user and fails for rule "Ensure All Files Are Owned by a User"
Expected results:
The rule should consider files owned by AD/sssd user and should not fail for the rule "Ensure All Files Are Owned by a User"
Additional info:
- is related to
-
-
- Closed
-
- external trackers
