View Issue Details

IDProjectCategoryView StatusLast Update
0015052CentOS-7openscappublic2018-10-31 16:42
Reporterkimball2058 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version7.5.1804 
Target VersionFixed in Version 
Summary0015052: auditd service does not start on new installation with DISA STIG security profile
DescriptionFresh installation with DISA STIG security profile includes a misconfigured /etc/audit/auditd.conf file which does not allow the auditd service to start. Refer to https://github.com/OpenSCAP/scap-security-guide/issues/2553 and note the "Actual Results" and "Expected Results" sections.
Steps To Reproduce(1) Install from installation media
-minimal load
-set network and hostname
-default partitioning
-DISA STIG security profile
(2) Set root password and create administrative user during installation (STIG profile will not allow root login at console)
(3) Reboot after installation
(4) Log in as administrative user, execute sudo -s
(5) Run "systemctl status auditd" and review output
(6) Review contents of /etc/audit/auditd.conf
Additional InformationManually editing auditd.conf in accordance with the "Expected Results" section of the OpenSCAP bug report allows the auditd service to start normally.
TagsNo tags attached.
abrt_hash
URL

Activities

TrevorH

TrevorH

2018-07-15 22:57

manager   ~0032262

Pretty sure that'll be something inherited from upstream so you'll also want to report it on bugzilla.redhat.com to get that fixed.
kimball2058

kimball2058

2018-07-16 01:12

reporter   ~0032263

Done, Red Hat Bug 1601296
kimball2058

kimball2058

2018-10-31 16:42

reporter   ~0033027

Fixed upstream:
https://bugzilla.redhat.com/show_bug.cgi?id=1601296
https://access.redhat.com/errata/RHBA-2018:3308

Issue History

Date Modified Username Field Change
2018-07-15 22:32 kimball2058 New Issue
2018-07-15 22:57 TrevorH Note Added: 0032262
2018-07-16 01:12 kimball2058 Note Added: 0032263
2018-10-31 16:42 kimball2058 Note Added: 0033027