rhel7 rht-ccp: kernel_module_rds_disabled

[shawndwells]

No description provided.

[iankko]

The requirement specified by this OVAL check does not apply for RHEL-7 (neither for Server, Workstation, or Client) since there isn't corresponding rds.ko kernel object which could be potentially loaded.

Can be verified by running e.g the command:

rpm -ql kernel | grep rds | wc -l

0

Also attempt to load rds.ko via modprobe results into:
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-123.el7.x86_64 #1 SMP Mon May 5 11:16:57 EDT 2014 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost ~]# modprobe rds
modprobe: FATAL: Module rds not found.
[root@localhost ~]# echo $?
1
[root@localhost ~]#

In my opinion, there isn't a point to implement an XCCDF / OVAL rule for system feature that can't actually happen. The only way it could happen the underlying system would have the rds.ko kernel object built is, they would install kernel-headers package & run make menuconfig for the kernel package & build a custom kernel. But this would be unsupported configuration (AFAICT), therefore in my opinion this rule can be unselected / deleted from the RHEL-7 CCP profile expectations.

[iankko]

Yet, this note to be more complete, the rds module its not loaded by default:

lsmod | grep rds | wc -l

return zero. And can't be unloaded via rmmod:

rmmod rds

rmmod: ERROR: Module rds is not currently loaded.

For what is worthy if its not built-in, when retrieving the effective configuration from the config directory via "modprobe -c" command, "rds" module isn't listed there (neither directly, nor in the aliases).

So in my opinion, this rule doesn't need to be ported to RHEL-7.

[iankko]

And yet one observation / difference (with kernel-devel package installed on the particular RHEL-6 / RHEL-7 system)

On RHEL-6 system:

cat /usr/src/kernels/2.6.32-431.29.2.el6.i686/.config | grep CONFIG_RDS
CONFIG_RDS=m
CONFIG_RDS_RDMA=m
CONFIG_RDS_TCP=m
CONFIG_RDS_DEBUG is not set

While on RHEL-7 system:
cat /usr/src/kernels/3.10.0-123.6.3.el7.x86_64/.config | grep CONFIG_RDS
CONFIG_RDS is not set

So it's neither built-in, nor compiled as module / kernel object.

[shawndwells]

@iankko thanks for hunting this down. many of these are just direct imports without any examination to see if they should be imported into RHEL7 content. So many we may end up just dropping.

Resolving this ticket -- no need to import into RHEL7.