-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-8.10, rhel-9.4.z
-
scap-security-guide-0.1.78-1.el9
-
No
-
Low
-
rhel-security-compliance
-
ssg_security
-
2
-
False
-
False
-
-
No
-
None
-
Pass
-
Manual
-
Unspecified Release Note Type - Unknown
-
Unspecified
-
Unspecified
-
Unspecified
-
-
x86_64
-
None
What were you trying to do that didn't work?
Some rules being marked as FAIL in the scan output report, while they already meet the requirements
Issue 1:
Ensure That the sudo Binary Has the Correct Permissions (xccdf_org.ssgproject.content_rule_file_permissions_sudo)
The system has the correct permission (-sx-x) of the "/usr/bin/sudo" file
Issue 2:
Both the remediation script and playbook set permissions wrongly to 4110 for /usr/bin/sudo which will cause issues to other users by losing SUDO access
Issue 3
Enable cron Service (xccdf_org.ssgproject.content_rule_service_cron_enabled)
crond.service is already Active and Enabled
Issue 4:
Enable the SSSD Service (xccdf_org.ssgproject.content_rule_service_sssd_enabled)
sssd.service is Enabled, however it cannot be activated because the Raw Image does not have the file (/etc/sssd/sssd.conf) by default
Affected version:
openscap-scanner-1.3.10-2.el8_9.x86_64
openscap-scanner-1.3.10-2.el9_3.x86_64
- links to
-
RHBA-2025:154689
scap-security-guide bug fix and enhancement update
