[Open-scap] fetch remote resources on RHEL7 fails
Shawn Wells
shawn at redhat.com
Fri Apr 7 05:17:35 UTC 2017
On 4/6/17 11:10 AM, Przemek Klosowski wrote:
>
> On a fresh-out-of-the-box+updated RHEL7 (with
> openscap-scanner-1.2.10-3.el7_3.x86_64)
>
> oscap xccdf eval --profile
> xccdf_org.ssgproject.content_profile_common --report
> /tmp/report.html /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
> This content points out to the remote resources. Use
> `--fetch-remote-resources' option to download them.
> WARNING: Skipping
> http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml
> file which is referenced from XCCDF content
>
> The scan goes off/generates reports, but in order to heed the the
> WARNING, I try to get the latest remote OVAL file
>
> oscap xccdf eval --fetch-remote-resources --profile
> xccdf_org.ssgproject.content_profile_common --report
> /tmp/report-remote.html
> /usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml
> Downloading:
> http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml
> ... ok
> OpenSCAP Error: Unable to parse XML from user memory buffer
> [oscap_source.c:254]
> Failed to create OVAL definition model from:
> 'http://www.redhat.com/security/data/oval/Red_Hat_Enterprise_Linux_7.xml'.
> [xccdf_session.c:787]
>
> and the scan terminates. Is that a problem with the remote file
> (Red_Hat_Enterprise_Linux_7.xml) or an 'oscap' bug?
>
I get the exact same error - looks like a bug
$ cat /etc/redhat-release ; uname -a ; rpm -qv openscap-scanner ; free -m
Red Hat Enterprise Linux Server release 7.3 (Maipo)
Linux devbox 3.10.0-514.10.2.el7.x86_64 #1 SMP Mon Feb 20 02:37:52 EST
2017 x86_64 x86_64 x86_64 GNU/Linux
openscap-scanner-1.2.10-3.el7_3.x86_64
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/open-scap-list/attachments/20170407/1d770a21/attachment.htm>
More information about the Open-scap-list
mailing list