oscap fails to evaluate rule "The Chronyd service is enabled" (xccdf_org.ssgproject.content_rule_service_chronyd_enabled)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu Security Guide |
New
|
Undecided
|
Unassigned |
Bug Description
oscap fails to evaluate rule "The Chronyd service is enabled" (xccdf_
Ubuntu 22.04.4 LTS
usg version: 22.04.6
Evaluating rule "The Chronyd service is enabled" (xccdf_
```
I: oscap: Evaluating XCCDF rule 'xccdf_
I: oscap: Evaluating definition 'oval:ssg-
I: oscap: Definition 'oval:ssg-
I: oscap: Evaluating definition 'oval:ssg-
I: oscap: Definition 'oval:ssg-
I: oscap: Evaluating definition 'oval:ssg-
I: oscap: Evaluating dpkginfo test 'oval:ssg-
I: oscap: Querying dpkginfo object 'oval:ssg-
I: oscap: Creating new syschar for dpkginfo_object 'oval:ssg-
I: probe_dpkginfo: chrony: element found version 0:4.2-2ubuntu2
I: probe_dpkginfo: Extracting item from the cache queue: cnt=2, beg=15
I: probe_dpkginfo: cache MISS
I: probe_dpkginfo: Extracting item from the cache queue: cnt=1, beg=16
I: oscap: Test 'oval:ssg-
I: oscap: 1 objects defined by 'oval:ssg-
I: oscap: Test 'oval:ssg-
I: oscap: All items matching object 'oval:ssg-
I: oscap: Test 'oval:ssg-
I: oscap: Definition 'oval:ssg-
I: oscap: Evaluating definition 'oval:ssg-
I: oscap: Evaluating dpkginfo test 'oval:ssg-
I: oscap: Querying dpkginfo object 'oval:ssg-
I: oscap: Creating new syschar for dpkginfo_object 'oval:ssg-
I: probe_dpkginfo: chrony: element found version 0:4.2-2ubuntu2
I: probe_dpkginfo: Extracting item from the cache queue: cnt=2, beg=2
I: probe_dpkginfo: cache MISS
I: probe_dpkginfo: Extracting item from the cache queue: cnt=1, beg=3
I: oscap: Test 'oval:ssg-
I: oscap: 1 objects defined by 'oval:ssg-
I: oscap: Test 'oval:ssg-
I: oscap: All items matching object 'oval:ssg-
I: oscap: Test 'oval:ssg-
I: oscap: Evaluating systemdunitproperty test 'oval:ssg-
I: oscap: Querying systemdunitproperty object 'oval:ssg-
I: oscap: Creating new syschar for systemdunitprop
I: oscap: Starting probe on URI 'pipe:/
I: probe_systemdun
I: probe_systemdun
I: probe_systemdun
I: oscap: Test 'oval:ssg-
I: oscap: 1 objects defined by 'oval:ssg-
I: oscap: All items matching object 'oval:ssg-
I: oscap: In test 'oval:ssg-
I: oscap: Entity 'value'='active' of item '117442481' matches corresponding entity in state 'oval:ssg-
I: oscap: Item '117442481' compared to state 'oval:ssg-
I: oscap: Test 'oval:ssg-
I: oscap: Evaluating systemdunitdepe
I: oscap: Querying systemdunitdepe
I: oscap: Creating new syschar for systemdunitdepe
I: oscap: Starting probe on URI 'pipe:/
I: oscap: FAIL: recv failed: dsc=0x55b2ef4cf220, errno=4, Interrupted system call.
I: oscap: FAIL: ctx=0x55b2f0d98290, sd=3, errno=4, Interrupted system call.
W: oscap: Can't receive message: 4, Interrupted system call.
E: oscap: Can't close sd: 10, No child processes.
E: oscap: Recv: retry limit (0) reached.
I: oscap: Test 'oval:ssg-
I: oscap: Evaluating systemdunitdepe
I: oscap: Querying systemdunitdepe
I: oscap: Creating new syschar for systemdunitdepe
I: oscap: FAIL: recv failed: dsc=0x55b2ef4cf220, errno=4, Interrupted system call.
I: oscap: FAIL: ctx=0x55b2f0d98290, sd=3, errno=4, Interrupted system call.
W: oscap: Can't receive message: 4, Interrupted system call.
E: oscap: Can't close sd: 10, No child processes.
E: oscap: Recv: retry limit (0) reached.
I: oscap: Test 'oval:ssg-
I: oscap: Definition 'oval:ssg-
```
Machine under CIS hardening runs ceph-osd juju charm.
Potentially related to:
- https:/