Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

oscap-podman creates invalid ARFs #2167

Open
jan-cerny opened this issue Oct 16, 2024 · 3 comments
Open

oscap-podman creates invalid ARFs #2167

jan-cerny opened this issue Oct 16, 2024 · 3 comments

Comments

@jan-cerny
Copy link
Member

Description of Problem:

I have a problem that oscap-podman creates invalid ARFs.

This is a problem because openscap-report can't process invalid ARFs.

OpenSCAP Version:

openscap-1.4.0-1.fc40.x86_64
scap-security-guide-0.1.74-1.fc40.noarch

Operating System & Version:

F 40

Steps to Reproduce:

  1. sudo oscap-podman centos:stream9 xccdf eval --profile stig --results-arf /tmp/arf.xml /usr/share/xml/scap/ssg/content/ssg-cs9-ds.xml

Actual Results:

The <ai:hostname> element in the produced ARF file is empty.

Expected Results:

The <ai:hostname> element in the produced ARF file isn't empty.

Additional Information / Debugging Steps:

No

@ggbecker
Copy link
Member

Isn't the case that "oscap" command is generating an invalid ARF instead, because oscap-podman is just a wrapper. So we should rather look into oscap behavior when scanning a container.

Maybe OpenSCAP doesn't know what to put into that field when there is not a valid hostname (probably because it's a container), and puts nothing instead.

@ggbecker
Copy link
Member

Maybe the gethostname function is returning an empty string, which then is considered valid by the code (is not NULL):

if (gethostname(hname, _POSIX_HOST_NAME_MAX)) {

@evgenyz
Copy link
Contributor

evgenyz commented Jan 7, 2025

What is in urn:xccdf:fact:asset:identifier:host_name system fact?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants