Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Normal
Fix Version/s: None
Affects Version/s: 6.6.0
Component/s: SCAP Plugin
Labels:
- team-triaged
- triaged

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Epic Link:
SAT-23805
BZ Flags:
- qe_test_coverage+
- team_triaged+
BZ Status:
CLOSED
Bugzilla Bug:
RHBZ: 1814988
Feature Link:
SAT-20461 - Satellite deployment with Postgres-compatible external databases
PM Score:
1,550
Satellite Team:

Endeavour
BZ Keywords:
- MigratedToJIRA
- Triaged
Intelligence Requested:
Market:

Severity:
Moderate

Target Version:

6.17.0

Regression:
None

SFDC Cases Links:
SFDC Cases Counter:
SFDC Cases Open:

PX Priority Data:
PX Impact Score:

Description of problem:
After applying the Ansible Role for the DISA Stig for RHEL of OpenScap 0.1.48 (https://github.com/ComplianceAsCode/content/releases/download/v0.1.48/scap-security-guide-0.1.48.zip) to the client system locally when 'theforeman.foreman_scap_client' role is applied from Satellite server getting the following error:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
TASK [theforeman.foreman_scap_client : Set facts for rh certs] *****************

fatal: [test.example.com]: FAILED! =>
msg: |-
the field 'args' has an invalid value ({u'rh_consumer_private_key_path': u"{{ (rh_certs.stdout | from_json).get('rh_consumer_private_key_path') }}", u'rh_consumer_cert_path': u"{{ (rh_certs.stdout | from_json).get('rh_consumer_cert_path') }}", u'rh_ca_cert_path': u"{{ (rh_certs.stdout | from_json).get('rh_ca_cert_path') }}"}), and could not be converted to an dict.The error was: No JSON object could be decoded
The error appears to be in '/usr/share/ansible/roles/theforeman.foreman_scap_client/tasks/main.yml': line 21, column 3, but may
be elsewhere in the file depending on the exact syntax problem.
The offending line appears to be:

name: 'Set facts for rh certs'
^ here
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

This ansible error seems to be a problem with: https://github.com/theforeman/ansible-foreman_scap_client
More specifically this commit has introduced this new task "Set facts for rh certs": https://github.com/theforeman/ansible-foreman_scap_client/commit/b2bf6c595363174935f94b0f479d27e8eb5690ba

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
1. Applied the ansible role DISA Stig for RHEL of OpenScap 0.1.48 (https://github.com/ComplianceAsCode/content/releases/download/v0.1.48/scap-security-guide-0.1.48.zip) to the client.
2. Executed theforeman.foreman_scap_client ansible role on the client

Actual results:
Role is failing with error.

Expected results:
it should get executed successfully.

Additional info:
It seems that the 'fapolicyd' service is causing the issue and not allowing the script to execute. After stopping the service, everything started working fine.

external trackers

Foreman Issue Tracker 29475

Red Hat Knowledge Base (Solution) 4948911

Assignee:: RH Bugzilla Integration

Reporter:: Krutika Kinge

QA Contact:: RH Bugzilla Integration

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Created:: 2023/08/11 11:06 AM

Updated:: 2024/08/16 1:01 AM

Details

Description

Attachments

Issue Links

Activity

People

Dates