Description of problem:
Many rules which use sysctl template fail two test scenarios when SCE is used as a check engine.
- wrong_runtime.fail
- two_sysctls_on_same_file.pass
Also this test is failing: /per-rule/(oscap|ansible)/sysctl_kernel_unprivileged_bpf_disabled_accept_default/system_default.pass
You can pick for example sysctl_fs_protected_fifos as a rule to try this.
SCAP Security Guide Version:
master as of ebf9917
Operating System Version:
RHEL 8.10, 9.8, 10.2
Steps to Reproduce:
Use per-rule/oscap/from-env test to run it for a specific rule.
or per-rule/ansible/from-env
Actual Results:
Two mentioned scenarios fail.
Expected Results:
All scenarios pass.
Additional Information/Debugging Steps:
Description of problem:
Many rules which use sysctl template fail two test scenarios when SCE is used as a check engine.
Also this test is failing: /per-rule/(oscap|ansible)/sysctl_kernel_unprivileged_bpf_disabled_accept_default/system_default.pass
You can pick for example sysctl_fs_protected_fifos as a rule to try this.
SCAP Security Guide Version:
master as of ebf9917
Operating System Version:
RHEL 8.10, 9.8, 10.2
Steps to Reproduce:
Use per-rule/oscap/from-env test to run it for a specific rule.
or per-rule/ansible/from-env
Actual Results:
Two mentioned scenarios fail.
Expected Results:
All scenarios pass.
Additional Information/Debugging Steps: