Description of problem:
It is not possible to run sudo on a machine that was installed using ANSSI BP-028 (high) kickstart.
SCAP Security Guide Version:
6013bc0
Operating System Version:
RHEL 7, RHEL 8
Steps to Reproduce:
- Install a machine using ANSSI BP-028 (high) or ANSSI DAT-BP28 (high) kickstart
- Connect to the machine and run e.g.
sudo ls
Actual Results:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
Expected Results:
Output from a command
Additional Information:
I suspect these two rules
sudoers_explicit_command_argssudoers_no_root_target
because they are also failing when the profile is tested using test_suite.py profile - they don't come with remediation, failure is expected in this test.
Description of problem:
It is not possible to run
sudoon a machine that was installed using ANSSI BP-028 (high) kickstart.SCAP Security Guide Version:
6013bc0
Operating System Version:
RHEL 7, RHEL 8
Steps to Reproduce:
sudo lsActual Results:
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit setExpected Results:
Output from a command
Additional Information:
I suspect these two rules
sudoers_explicit_command_argssudoers_no_root_targetbecause they are also failing when the profile is tested using
test_suite.py profile- they don't come with remediation, failure is expected in this test.