-
Notifications
You must be signed in to change notification settings - Fork 686
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rhel7 rht-ccp: kernel_module_rds_disabled #66
Comments
The requirement specified by this OVAL check does not apply for RHEL-7 (neither for Server, Workstation, or Client) since there isn't corresponding rds.ko kernel object which could be potentially loaded. Can be verified by running e.g the command: rpm -ql kernel | grep rds | wc -l0 Also attempt to load rds.ko via modprobe results into: In my opinion, there isn't a point to implement an XCCDF / OVAL rule for system feature that can't actually happen. The only way it could happen the underlying system would have the rds.ko kernel object built is, they would install kernel-headers package & run make menuconfig for the kernel package & build a custom kernel. But this would be unsupported configuration (AFAICT), therefore in my opinion this rule can be unselected / deleted from the RHEL-7 CCP profile expectations. |
Yet, this note to be more complete, the rds module its not loaded by default: lsmod | grep rds | wc -lreturn zero. And can't be unloaded via rmmod: rmmod rdsrmmod: ERROR: Module rds is not currently loaded. For what is worthy if its not built-in, when retrieving the effective configuration from the config directory via "modprobe -c" command, "rds" module isn't listed there (neither directly, nor in the aliases). So in my opinion, this rule doesn't need to be ported to RHEL-7. |
And yet one observation / difference (with kernel-devel package installed on the particular RHEL-6 / RHEL-7 system) On RHEL-6 system: cat /usr/src/kernels/2.6.32-431.29.2.el6.i686/.config | grep CONFIG_RDS While on RHEL-7 system: So it's neither built-in, nor compiled as module / kernel object. |
@iankko thanks for hunting this down. many of these are just direct imports without any examination to see if they should be imported into RHEL7 content. So many we may end up just dropping. Resolving this ticket -- no need to import into RHEL7. |
Add rules for SLES-12-030400
No description provided.
The text was updated successfully, but these errors were encountered: