Bug ID 1223832
Summary [Build 669.1] openQA test fails in oscap_remediating_online
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.6
Hardware Other
URL https://openqa.opensuse.org/tests/4108011/modules/oscap_remediating_online/steps/19
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter andrea.manzini@suse.com
QA Contact qa-bugs@suse.de
Target Milestone ---
Found By openQA
Blocker Yes 

## Observation

openQA test in scenario opensuse-15.6-DVD-aarch64-openscap@aarch64 fails in
[oscap_remediating_online](https://openqa.opensuse.org/tests/4108011/modules/oscap_remediating_online/steps/19)

## Test suite description
Maintainer: QE Security


## Reproducible

Fails since (at least) Build [582.1](https://openqa.opensuse.org/tests/3854976)


## Expected result

Last good: (unknown) (or more recent)


## Further details

Always latest result in this scenario:
[latest](https://openqa.opensuse.org/tests/latest?arch=aarch64&distri=opensuse&flavor=DVD&machine=aarch64&test=openscap&version=15.6)


## First Analysis 

with reference to https://progress.opensuse.org/issues/152059

on Leap 15.6 , CPE profile is missing so remediation command results in
"notapplicable" 



localhost:~ # oscap xccdf eval --remediate --profile standard --results
scan-xccdf-remediate-results.xml xccdf.xml 
--- Starting Evaluation ---

Title   Direct root Logins Not Allowed
Rule    no_direct_root_logins
Result  notapplicable

Title   sysctl kernel.sysrq must be 0
Rule    rule_misc_sysrq
Result  notapplicable


--- Starting Remediation ---



missing 15.6 is also noticeable with 

# oscap --version
OpenSCAP command line tool (oscap) 1.3.6
Copyright 2009--2021 Red Hat Inc., Durham, North Carolina.

==== Supported specifications ====
SCAP Version: 1.3
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1

==== Capabilities added by auto-loaded plugins ====
No plugins have been auto-loaded...

==== Paths ====
Schema files: /usr/share/openscap/schemas
Default CPE files: /usr/share/openscap/cpe

==== Inbuilt CPE names ====
Red Hat Enterprise Linux - cpe:/o:redhat:enterprise_linux:-
Red Hat Enterprise Linux 5 - cpe:/o:redhat:enterprise_linux:5
Red Hat Enterprise Linux 6 - cpe:/o:redhat:enterprise_linux:6
Red Hat Enterprise Linux 7 - cpe:/o:redhat:enterprise_linux:7
Red Hat Enterprise Linux 8 - cpe:/o:redhat:enterprise_linux:8
Community Enterprise Operating System 5 - cpe:/o:centos:centos:5
Community Enterprise Operating System 6 - cpe:/o:centos:centos:6
Community Enterprise Operating System 7 - cpe:/o:centos:centos:7
Community Enterprise Operating System 8 - cpe:/o:centos:centos:8
Fedora 32 - cpe:/o:fedoraproject:fedora:32
Fedora 33 - cpe:/o:fedoraproject:fedora:33
Fedora 34 - cpe:/o:fedoraproject:fedora:34
Fedora 35 - cpe:/o:fedoraproject:fedora:35
openSUSE Leap 15.1 - cpe:/o:opensuse:leap:15.1
openSUSE Leap 15.2 - cpe:/o:opensuse:leap:15.2
openSUSE Leap 15.3 - cpe:/o:opensuse:leap:15.3
openSUSE Leap 15.4 - cpe:/o:opensuse:leap:15.4
openSUSE Leap 15.5 - cpe:/o:opensuse:leap:15.5  
openSUSE Tumbleweed - cpe:/o:opensuse:tumbleweed
SUSE Linux Enterprise Server 12 - cpe:/o:suse:sles:12
SUSE Linux Enterprise Desktop 12 - cpe:/o:suse:sled:12
SUSE Linux Enterprise Server 15 - cpe:/o:suse:sles:15
SUSE Linux Enterprise Desktop 15 - cpe:/o:suse:sled:15

You are receiving this mail because: