-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-8.10, rhel-9.4, rhel-10.0.beta
-
scap-security-guide-0.1.79-1.el9
-
No
-
Low
-
rhel-security-compliance
-
ssg_security
-
1
-
False
-
False
-
-
No
-
None
-
Pass
-
Automated
-
Unspecified Release Note Type - Unknown
-
Unspecified
-
Unspecified
-
Unspecified
-
-
x86_64
-
None
What were you trying to do that didn't work?
The remediation script is mean to set logrotation frequency to `daily` instead of the default `weekly`, but because of the location `daily` directive is inserted, it takes no effect.
Also, it will create `/etc/cron.daily/logrotate` file, which is not necessary for RHEL 9+.
What is the impact of this issue to you?
The customer has to fix this for their 400+ systems.
Please provide the package NVR for which the bug is seen:
scap-security-guide-0.1.74-3.el8_10.noarch
scap-security-guide-0.1.74-1.el9_4.noarch
scap-security-guide-0.1.74-1.el10.noarch
How reproducible is this bug?:
Always
Steps to reproduce
- With the profile `xccdf_org.ssgproject.content_profile_pci-dss`, enable `xccdf_org.ssgproject.content_rule_ensure_logrotate_activated` rule, and create a tailoring file.
- Using the tailoring file, evaluate a server.
- The result of the rule is returne `fail` with remediation scripts.
- Apply the remediation script
Expected results
daily
rotate 4
create
dateext
include /etc/logrotate.d
Actual results
rotate 4
create
dateext
include /etc/logrotate.d
daily
- links to
-
RHBA-2025:157078
scap-security-guide bug fix and enhancement update
