Comment 3 for bug 2060345

Przemyslaw Hausman (phausman) wrote :

I'm sorry, Eduardo, but I have to disagree. oscap crashes with a core dump during audit. Even if an application installed on Ubuntu is misbehaving, the auditing tool should not crash. Have you analysed the core dump? Why did oscap crash?

To give you some more context: ceph-mds is a part of Ceph, quite a major building block for environments such as OpenStack or Kubernetes, that we build for customers. CIS hardening is becoming a more and more requested feature. It is in our interest to make sure that the CIS hardening works well with Ceph.

This bug is a result of CIS hardening effort for one of our prominent customers. I'm subscribing field-high and once again ask you to take a look into this problem.

I'm attaching some more files from a failed CIS audit on a fresh Ubuntu 22.04, with a ceph-mds package installed. Audit crashes for the following rules:

xccdf_org.ssgproject.content_rule_service_systemd-journald_enabled
xccdf_org.ssgproject.content_rule_service_rsyslog_enabled
xccdf_org.ssgproject.content_rule_service_ufw_enabled
xccdf_org.ssgproject.content_rule_service_cron_enabled
xccdf_org.ssgproject.content_rule_postfix_network_listening_disabled
xccdf_org.ssgproject.content_rule_service_timesyncd_enabled

Attached please see lp2060345.tar.gz with the following files:

/var/crash/_usr_lib_x86_64-linux-gnu_openscap_probe_systemdunitdependency.0.crash
/var/lib/usg/usg-log-20240415.1554.log
/var/lib/usg/usg-results-20240415.1554.xml
/var/lib/usg/usg-report-20240415.1554.html
/var/lib/usg/ssg-ubuntu2204-oval.xml.result-20240415.1554.xml
/var/lib/usg/ssg-ubuntu2204-cpe-oval.xml.result-20240415.1554.xml