[Open-scap] Make check errors on SUSE
S, Gautam
gautams at hpe.com
Wed Mar 16 10:35:12 UTC 2016
Hi folks,
I am building and trying to test openscap on SLES SP3. Upon running "make check", there are a few places where the test cases fail.
1) Process58 probe failures
Making check in process58
make[3]: Entering directory `/root/SSG-Build/openscap/tests/probes/process58'
make check-TESTS
make[4]: Entering directory `/root/SSG-Build/openscap/tests/probes/process58'
----------------------------------------------------------------------
+ Ensure that selinux_domain_label is collected [ WARN ]
+ Ensure that tty number is translated into name [ FAIL ]
+ Ensure loguid return unsigned int (cat /proc/ID/loginuid) [ FAIL ]
+ Ensure sessionid is correct [ FAIL ]
+ Ensure capabilities with OVAL 5.11 [ FAIL ]
+ Ensure that command_line is collected [ FAIL ]
--------------------------------------------------
See tests/probes/process58/tests_probes_process88.log.
FAIL: all.sh
==========================================
1 of 1 tests failed
Please report to open-scap-list at redhat.com
==========================================
make[4]: *** [check-TESTS] Error 1
make[4]: Leaving directory `/root/SSG-Build/openscap/tests/probes/process58'
make[3]: *** [check-am] Error 2
make[3]: Leaving directory `/root/SSG-Build/openscap/tests/probes/process58'
make[2]: *** [check-recursive] Error 1
make[2]: Leaving directory `/root/SSG-Build/openscap/tests/probes'
make[1]: *** [check-recursive] Error 1
make[1]: Leaving directory `/root/SSG-Build/openscap/tests'
make: *** [check-recursive] Error 1
The log file contains a segmentation fault and what appears to be a sed command syntax error (???).
2) Run-level probe failures
Making check in runlevel
make[3]: Entering directory `/root/SSG-Build/openscap/tests/probes/runlevel'
make check-TESTS
make[4]: Entering directory `/root/SSG-Build/openscap/tests/probes/runlevel'
----------------------------------------------------------------------
+ test_probes_runlevel_A [ WARN ]
+ test_probes_runlevel_B [ FAIL ]
+ test_probes_runlevel_C [ FAIL ]
--------------------------------------------------
See tests/probes/runlevel/test_probes_runlevel.log.
FAIL: test_probes_runlevel.sh
==========================================
1 of 1 tests failed
Please report to open-scap-list at redhat.com
==========================================
None of the OVAL definitions are evaluated to True/False as I am seeing in RHEL. Evaluation throws error.
I am seeing that definitions using run-levels seem to not get evaluated correctly outside the context of the test as well. I have used the SSG OVAL file for RHEL here to illustrate this. Irrespective of sshd state, the definition returns true:
# oscap oval eval --id oval:ssg-service_sshd_disabled:def:1 sles11-oval.xml
Definition oval:ssg-service_sshd_disabled:def:1: true
Evaluation done.
# chkconfig --list sshd
sshd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
#
# chkconfig sshd on
# chkconfig --list sshd
sshd 0:off 1:off 2:off 3:on 4:off 5:on 6:off
# oscap oval eval --id oval:ssg-service_sshd_disabled:def:1 sles11-oval.xml
Definition oval:ssg-service_sshd_disabled:def:1: true
Evaluation done.
Attaching both the log file to this mail.
Thank you.
Regards,
Gautam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20160316/21b69937/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tests_probes_process88.log
Type: application/octet-stream
Size: 708156 bytes
Desc: tests_probes_process88.log
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20160316/21b69937/attachment.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: test_probes_runlevel.log
Type: application/octet-stream
Size: 104641 bytes
Desc: test_probes_runlevel.log
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20160316/21b69937/attachment-0001.obj>
More information about the Open-scap-list
mailing list