-
Bug
-
Resolution: Unresolved
-
Normal
-
None
-
6.6.0
-
False
-
-
False
-
CLOSED
-
SAT-20461 - Satellite deployment with Postgres-compatible external databases
-
1,550
-
Endeavour
-
-
-
Moderate
-
Automated
-
None
Description of problem:
After applying the Ansible Role for the DISA Stig for RHEL of OpenScap 0.1.48 (https://github.com/ComplianceAsCode/content/releases/download/v0.1.48/scap-security-guide-0.1.48.zip) to the client system locally when 'theforeman.foreman_scap_client' role is applied from Satellite server getting the following error:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TASK [theforeman.foreman_scap_client : Set facts for rh certs] *****************
fatal: [test.example.com]: FAILED! =>
msg: |-
the field 'args' has an invalid value ({u'rh_consumer_private_key_path': u"{{ (rh_certs.stdout | from_json).get('rh_consumer_private_key_path') }}", u'rh_consumer_cert_path': u"{{ (rh_certs.stdout | from_json).get('rh_consumer_cert_path') }}", u'rh_ca_cert_path': u"{{ (rh_certs.stdout | from_json).get('rh_ca_cert_path') }}"}), and could not be converted to an dict.The error was: No JSON object could be decoded
The error appears to be in '/usr/share/ansible/roles/theforeman.foreman_scap_client/tasks/main.yml': line 21, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:
- name: 'Set facts for rh certs'
^ here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This ansible error seems to be a problem with: https://github.com/theforeman/ansible-foreman_scap_client
More specifically this commit has introduced this new task "Set facts for rh certs": https://github.com/theforeman/ansible-foreman_scap_client/commit/b2bf6c595363174935f94b0f479d27e8eb5690ba
Version-Release number of selected component (if applicable):
How reproducible:
Always
Steps to Reproduce:
1. Applied the ansible role DISA Stig for RHEL of OpenScap 0.1.48 (https://github.com/ComplianceAsCode/content/releases/download/v0.1.48/scap-security-guide-0.1.48.zip) to the client.
2. Executed theforeman.foreman_scap_client ansible role on the client
Actual results:
Role is failing with error.
Expected results:
it should get executed successfully.
Additional info:
It seems that the 'fapolicyd' service is causing the issue and not allowing the script to execute. After stopping the service, everything started working fine.
- external trackers