We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Thanks!
system hangs after oom kills oscap. Should oscap check the available ram size and stops executing if the minimum memory requirement doesn't meet?
Sep 13 01:37:51 ip-10-0-1-132 kernel: oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-1.scope,task=oscap,pid=15531,uid=0 Sep 13 01:37:51 ip-10-0-1-132 kernel: Out of memory: Killed process 15531 (oscap) total-vm:1914356kB, anon-rss:455456kB, file-rss:0kB, shmem-rss:0kB, UID:0 pgtables:1276kB oom_score_adj:0 Sep 13 01:37:51 ip-10-0-1-132 systemd[1]: session-1.scope: A process of this unit has been killed by the OOM killer. Sep 13 01:38:17 ip-10-0-1-132 oscap[15903]: Evaluation started. Content: /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml, Profile: xccdf_org.ssgproject.content_profile_e8. Sep 13 01:38:53 ip-10-0-1-132 systemd-logind[640]: New session 3 of user ec2-user. Sep 13 01:38:53 ip-10-0-1-132 systemd[1]: Started Session 3 of User ec2-user. Sep 13 01:38:53 ip-10-0-1-132 systemd[1]: Starting Hostname Service... Sep 13 01:38:53 ip-10-0-1-132 systemd[1]: Started Hostname Service. Sep 13 01:38:55 ip-10-0-1-132 su[15957]: (to root) root on pts/1
Sep 13 01:39:25 ip-10-0-1-132 systemd[1]: systemd-hostnamed.service: Deactivated successfully. Sep 13 01:39:29 ip-10-0-1-132 oscap[15903]: Evaluation finished. Return code: 2, Base score 56.775208.
$ oscap -V OpenSCAP command line tool (oscap) 1.3.10
$ cat /etc/redhat-release Red Hat Enterprise Linux release 9.4 (Plow)
Title Write Audit Logs to the Disk Rule xccdf_org.ssgproject.content_rule_auditd_write_logs Ident CCE-83705-4 Result pass
oscap should check the minimum resource requirements before executing rather than causing a serious issue on the system
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Thanks!
Description of Problem:
system hangs after oom kills oscap. Should oscap check the available ram size and stops executing if the minimum memory requirement doesn't meet?
Sep 13 01:37:51 ip-10-0-1-132 kernel: oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/user.slice/user-1000.slice/session-1.scope,task=oscap,pid=15531,uid=0
Sep 13 01:37:51 ip-10-0-1-132 kernel: Out of memory: Killed process 15531 (oscap) total-vm:1914356kB, anon-rss:455456kB, file-rss:0kB, shmem-rss:0kB, UID:0 pgtables:1276kB oom_score_adj:0
Sep 13 01:37:51 ip-10-0-1-132 systemd[1]: session-1.scope: A process of this unit has been killed by the OOM killer.
Sep 13 01:38:17 ip-10-0-1-132 oscap[15903]: Evaluation started. Content: /usr/share/xml/scap/ssg/content/ssg-rhel9-ds.xml, Profile: xccdf_org.ssgproject.content_profile_e8.
Sep 13 01:38:53 ip-10-0-1-132 systemd-logind[640]: New session 3 of user ec2-user.
Sep 13 01:38:53 ip-10-0-1-132 systemd[1]: Started Session 3 of User ec2-user.
Sep 13 01:38:53 ip-10-0-1-132 systemd[1]: Starting Hostname Service...
Sep 13 01:38:53 ip-10-0-1-132 systemd[1]: Started Hostname Service.
Sep 13 01:38:55 ip-10-0-1-132 su[15957]: (to root) root on pts/1
Sep 13 01:39:25 ip-10-0-1-132 systemd[1]: systemd-hostnamed.service: Deactivated successfully.
Sep 13 01:39:29 ip-10-0-1-132 oscap[15903]: Evaluation finished. Return code: 2, Base score 56.775208.
OpenSCAP Version:
$ oscap -V
OpenSCAP command line tool (oscap) 1.3.10
Operating System & Version:
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 9.4 (Plow)
Steps to Reproduce:
Actual Results:
System hangs after printing out the following output
Title Write Audit Logs to the Disk
Rule xccdf_org.ssgproject.content_rule_auditd_write_logs
Ident CCE-83705-4
Result pass
Expected Results:
oscap should check the minimum resource requirements before executing rather than causing a serious issue on the system
Additional Information / Debugging Steps:
The text was updated successfully, but these errors were encountered: