New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Error when using --fetch-remote-resources #1509
Comments
|
Looks like you are using new SCAP Security Guide with old openscap. The old openscap versions don't support bzip2 files. Could you please paste |
|
According to code - if openscap was compiled WITHOUT bz2 support - It will not try to check whether content is bz2. I think we should print error message in such cases. @bkogami |
|
Thanks for you help guys! Here's a little bit of info. Rhel 7.2 comes with oscap 1.2.5 which appears that it does not have bzip2 support. Bruce oscap -VOpenSCAP command line tool (oscap) 1.2.5 ==== Supported specifications ==== ==== Capabilities added by auto-loaded plugins ==== ==== Paths ==== ==== Inbuilt CPE names ==== ==== Supported OVAL objects and associated OpenSCAP probes ==== New version - Works with remediation oscap -VOpenSCAP command line tool (oscap) 1.2.9 ==== Supported specifications ==== ==== Capabilities added by auto-loaded plugins ==== ==== Paths ==== ==== Inbuilt CPE names ==== ==== Supported OVAL objects and associated OpenSCAP probes ==== |
|
The remediation issue should be fixed by PR #1515. Please check it out. |
Hi,
When I run the standard compliance check using this command.
oscap xccdf eval --profile ospp-rhel7-server --report /root/oscap_usgcb_report.html /root/scap-security-guide/RHEL/7/output/ssg-rhel7-xccdf.xml
This works without any issue.
But, when I run the remediate option with --fetch-remote-resources, I get an error.
oscap xccdf eval --remediate --fetch-remote-resources --profile ospp-rhel7-server --report /root/oscap_usgcb_report_remediate2.html /root/scap-security-guide/RHEL/7/output/ssg-rhel7-xccdf.xml
Downloading: http://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2 ... ok
/tmp/oscap.RNVUP7/downloaded.d3YNjP:1: parser error : Start tag expected, '<' not found
BZh91AY&SYپ}T�?�_�x]�����������
^
/tmp/oscap.RNVUP7/downloaded.d3YNjP:1: parser error : Start tag expected, '<' not found
BZh91AY&SYپ}T�?�_�x]�����������
^
/tmp/oscap.RNVUP7/downloaded.d3YNjP:1: parser error : Start tag expected, '<' not found
BZh91AY&SYپ}T�?�_�x]�����������
^
OpenSCAP Error: Start tag expected, '<' not found [/tmp/oscap.RNVUP7/downloaded.d3YNjP:1] [oscap_source.c:186]
Unable to parse XML at: '/tmp/oscap.RNVUP7/downloaded.d3YNjP' [oscap_source.c:187]
Start tag expected, '<' not found [/tmp/oscap.RNVUP7/downloaded.d3YNjP:1] [oscap_source.c:186]
Unable to parse XML at: '/tmp/oscap.RNVUP7/downloaded.d3YNjP' [oscap_source.c:187]
Could not determine version for file: /tmp/oscap.RNVUP7/downloaded.d3YNjP [validate.c:226]
Start tag expected, '<' not found [/tmp/oscap.RNVUP7/downloaded.d3YNjP:1] [oscap_source.c:186]
Unable to parse XML at: '/tmp/oscap.RNVUP7/downloaded.d3YNjP' [oscap_source.c:187]
Unrecognized document type for: [oscap_source.c:202]
Invalid XCCDF Checklist (1.1) content in http://www.redhat.com/security/data/oval/com.redhat.rhsa-RHEL7.xml.bz2 [xccdf_session.c:738]
Has anyone seen this before?
Bruce
The text was updated successfully, but these errors were encountered: