Skip to content

sysctl template: SCE checks fail two test scenarios #14847

Description

@vojtapolasek

Description of problem:

Many rules which use sysctl template fail two test scenarios when SCE is used as a check engine.

  • wrong_runtime.fail
  • two_sysctls_on_same_file.pass

Also this test is failing: /per-rule/(oscap|ansible)/sysctl_kernel_unprivileged_bpf_disabled_accept_default/system_default.pass

You can pick for example sysctl_fs_protected_fifos as a rule to try this.

SCAP Security Guide Version:

master as of ebf9917

Operating System Version:

RHEL 8.10, 9.8, 10.2

Steps to Reproduce:

Use per-rule/oscap/from-env test to run it for a specific rule.
or per-rule/ansible/from-env

Actual Results:

Two mentioned scenarios fail.

Expected Results:

All scenarios pass.

Additional Information/Debugging Steps:

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions