Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

HTML report doesn't show OVAL details for a specific rule #916

Closed
jan-cerny opened this issue Nov 21, 2017 · 0 comments
Closed

HTML report doesn't show OVAL details for a specific rule #916

jan-cerny opened this issue Nov 21, 2017 · 0 comments
Labels
bug help wanted

Comments

@jan-cerny
Copy link
Member

jan-cerny commented Nov 21, 2017
edited
Loading

When I run this command:

$ oscap xccdf eval --profile xccdf_scap-workbench_profile_customized \
--results results.xml --oval-results --report report.html \
--tailoring-file ssg-rhel7-ds-tailoring.xml \
/usr/share/xml/scap/ssg/content/ssg-rhel7-ds.xml

I got a HTML report with no OVAL details for the rule xccdf_org.ssgproject.content_rule_sysctl_kernel_dmesg_restrict

That is a bug, because:

  • I have specified --oval-results which implies OVAL details in HTML report
  • A collected item is collected in the oval results file, yet this item isn't displayed in HTML report.

screenshot from 2017-11-21 14-12-12

Please notice no OVAL details on the screenshot.

You can download tailoring file here:
ssg-rhel7-ds-tailoring.xml.zip

You can download my HTML report here:
report.html.zip

I am using openscap-1.2.14-2.el7.x86_64 and scap-security-guide-0.1.33-6.el7_4.noarch on Red Hat Enterprise Linux 7.4.

EDIT: I think that one of the possible problems here could be that the XCCDF rule xccdf_org.ssgproject.content_rule_sysctl_kernel_dmesg_restrict references an OVAL defintion oval:ssg-sysctl_kernel_dmesg_restrict:def:1 but that definition doesn't contain any test, instead it breaks down to 2 other OVAL defintions using extend_definiton.

<ns0:criteria operator="AND">
 <ns0:extend_definition comment="kernel.dmesg_restrict configuration setting check" definition_ref="oval:ssg-sysctl_static_kernel_dmesg_restrict:def:1"/>
 <ns0:extend_definition comment="kernel.dmesg_restrict runtime setting check" definition_ref="oval:ssg-sysctl_runtime_kernel_dmesg_restrict:def:1"/>
</ns0:criteria>

We need to investigate if our XSLT template supports handling extend_definition

Any help would be very appreciated.
@jan-cerny jan-cerny added the bug label Nov 21, 2017
@jan-cerny jan-cerny added this to the 1.2.17 milestone Nov 21, 2017
@jan-cerny jan-cerny mentioned this issue Jan 16, 2018
Closed
jan-cerny added a commit to jan-cerny/openscap that referenced this issue Jan 19, 2018
@jan-cerny
Show OVAL details for extend_definition
b39bd98 
If an OVAL definition was extended using 'extend_definition', there were
no details shown in the HTML report for the refereced definition(s).
This commit adds OVAL details for the extended definition to HTML report.
Fixes OpenSCAP#916, OpenSCAP#954.
@jan-cerny jan-cerny mentioned this issue Jan 19, 2018
Closed
2 tasks
@jan-cerny jan-cerny modified the milestones: 1.2.17, 1.2.18 May 29, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mpreisler @jan-cerny