Error: Probe at sd=X (selinuxboolean) (RockyLinux8, SUSE SLE15)

[yakhatape]

Description of Problem:

Trying to scan my RockyLinux8 host with the ANSSI security test and I have the following error :

OpenSCAP Error: Probe at sd=13 (selinuxboolean) reported an error: Invalid type, value or format [/builddir/build/BUILD/openscap-1.3.6/src/OVAL/oval_probe_ext.c:384]
Unable to receive a message from probe [/builddir/build/BUILD/openscap-1.3.6/src/OVAL/oval_probe_ext.c:572]
Invalid oval result type: -1. [/builddir/build/BUILD/openscap-1.3.6/src/OVAL/results/oval_resultTest.c:181]

OpenSCAP Version:

OpenSCAP command line tool (oscap) 1.3.6
Copyright 2009--2021 Red Hat Inc., Durham, North Carolina.

==== Supported specifications ====
SCAP Version: 1.3
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1

==== Capabilities added by auto-loaded plugins ====
No plugins have been auto-loaded...

==== Paths ====
Schema files: /usr/share/openscap/schemas
Default CPE files: /usr/share/openscap/cpe

==== Inbuilt CPE names ====
Red Hat Enterprise Linux - cpe:/o:redhat:enterprise_linux:-
Red Hat Enterprise Linux 5 - cpe:/o:redhat:enterprise_linux:5
Red Hat Enterprise Linux 6 - cpe:/o:redhat:enterprise_linux:6
Red Hat Enterprise Linux 7 - cpe:/o:redhat:enterprise_linux:7
Red Hat Enterprise Linux 8 - cpe:/o:redhat:enterprise_linux:8
Community Enterprise Operating System 5 - cpe:/o:centos:centos:5
Community Enterprise Operating System 6 - cpe:/o:centos:centos:6
Community Enterprise Operating System 7 - cpe:/o:centos:centos:7
Community Enterprise Operating System 8 - cpe:/o:centos:centos:8
Rocky Linux 8 - cpe:/o:rocky:rocky:8
Fedora 32 - cpe:/o:fedoraproject:fedora:32
Fedora 33 - cpe:/o:fedoraproject:fedora:33
Fedora 34 - cpe:/o:fedoraproject:fedora:34
Fedora 35 - cpe:/o:fedoraproject:fedora:35

==== Supported OVAL objects and associated OpenSCAP probes ====
OVAL family   OVAL object                  OpenSCAP probe
----------    ----------                   ----------
independent   environmentvariable          probe_environmentvariable
independent   environmentvariable58        probe_environmentvariable58
independent   family                       probe_family
independent   filehash                     probe_filehash (MD5, SHA-1)
independent   filehash58                   probe_filehash58 (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512)
independent   system_info                  probe_system_info
independent   textfilecontent              probe_textfilecontent
independent   textfilecontent54            probe_textfilecontent54
independent   variable                     probe_variable
independent   xmlfilecontent               probe_xmlfilecontent
independent   yamlfilecontent              probe_yamlfilecontent
linux         iflisteners                  probe_iflisteners
linux         inetlisteningservers         probe_inetlisteningservers
linux         partition                    probe_partition
linux         rpminfo                      probe_rpminfo
linux         rpmverify                    probe_rpmverify
linux         rpmverifyfile                probe_rpmverifyfile
linux         rpmverifypackage             probe_rpmverifypackage
linux         selinuxboolean               probe_selinuxboolean
linux         selinuxsecuritycontext       probe_selinuxsecuritycontext
linux         systemdunitdependency        probe_systemdunitdependency
linux         systemdunitproperty          probe_systemdunitproperty
unix          dnscache                     probe_dnscache
unix          file                         probe_file
unix          fileextendedattribute        probe_fileextendedattribute
unix          gconf                        probe_gconf
unix          interface                    probe_interface
unix          password                     probe_password
unix          process                      probe_process
unix          process58                    probe_process58
unix          routingtable                 probe_routingtable
unix          runlevel                     probe_runlevel
unix          shadow                       probe_shadow
unix          symlink                      probe_symlink
unix          sysctl                       probe_sysctl
unix          uname                        probe_uname
unix          xinetd                       probe_xinetd

Operating System & Version:

Rocky Linux 8.7
4.18.0-425.13.1.el8_7.x86_64 #1 SMP Tue Feb 21 19:25:54 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Steps to Reproduce:

1. run the following command : sudo oscap xccdf eval --report unit-test-anssi-enhanced-scan.html --profile anssi_bp28_intermediary /usr/share/xml/scap/ssg/content/ssg-rl8-ds-1.2.xml

Actual Results:

OpenSCAP Error: Probe at sd=13 (selinuxboolean) reported an error: Invalid type, value or format [/builddir/build/BUILD/openscap-1.3.6/src/OVAL/oval_probe_ext.c:384]
Unable to receive a message from probe [/builddir/build/BUILD/openscap-1.3.6/src/OVAL/oval_probe_ext.c:572]
Invalid oval result type: -1. [/builddir/build/BUILD/openscap-1.3.6/src/OVAL/results/oval_resultTest.c:181]
``

#### Expected Results:
Finish successfully

#### Additional Information / Debugging Steps:
No one error with the following scan : 

`sudo oscap xccdf eval --report unit-test-disa-scan.html --profile stig /usr/share/xml/scap/ssg/content/ssg-rl8-ds.xml
`

[yakhatape]

can you tell me if im on the right repository for this issue maybe i'm not in the right place ?
Or if you need more details I'm stay open :)

[evgenyz]

Yes, you're in a right place. The error appears to be very strange, it'd require some time to triage. In the mean time try and reproduce it with the latest release: 1.3.7 if you can.

[yakhatape]

Thanks @evgenyz for feedback, the v1.3.7 isn't for moment available on rockylinux official repository. Once its available I will try again and keep you in touch

[teacup-on-rockingchair]

👍
I am reproducing this also on SUSE SLE15, with oscap releases 1.3.7 and 1.3.8 also:

sles-15-sp2:/ComplianceAsCodeContent/build # oscap -V
OpenSCAP command line tool (oscap) 1.3.8
Copyright 2009--2021 Red Hat Inc., Durham, North Carolina.

==== Supported specifications ====
SCAP Version: 1.3
XCCDF Version: 1.2
OVAL Version: 5.11.1
CPE Version: 2.3
CVSS Version: 2.0
CVE Version: 2.0
Asset Identification Version: 1.1
Asset Reporting Format Version: 1.1
CVRF Version: 1.1

==== Capabilities added by auto-loaded plugins ====
SCE Version: 1.0 (from libopenscap_sce.so.25)

==== Paths ====
Schema files: /usr/local/share/openscap/schemas
Default CPE files: /usr/local/share/openscap/cpe

==== Inbuilt CPE names ====
Red Hat Enterprise Linux - cpe:/o:redhat:enterprise_linux:-
Red Hat Enterprise Linux 5 - cpe:/o:redhat:enterprise_linux:5
Red Hat Enterprise Linux 6 - cpe:/o:redhat:enterprise_linux:6
Red Hat Enterprise Linux 7 - cpe:/o:redhat:enterprise_linux:7
Red Hat Enterprise Linux 8 - cpe:/o:redhat:enterprise_linux:8
Community Enterprise Operating System 5 - cpe:/o:centos:centos:5
Community Enterprise Operating System 6 - cpe:/o:centos:centos:6
Community Enterprise Operating System 7 - cpe:/o:centos:centos:7
Community Enterprise Operating System 8 - cpe:/o:centos:centos:8
Fedora 32 - cpe:/o:fedoraproject:fedora:32
Fedora 33 - cpe:/o:fedoraproject:fedora:33
Fedora 34 - cpe:/o:fedoraproject:fedora:34
Fedora 35 - cpe:/o:fedoraproject:fedora:35

==== Supported OVAL objects and associated OpenSCAP probes ====
OVAL family   OVAL object                  OpenSCAP probe              
----------    ----------                   ----------                  
independent   environmentvariable          probe_environmentvariable
independent   environmentvariable58        probe_environmentvariable58
independent   family                       probe_family
independent   filehash                     probe_filehash (MD5, SHA-1)
independent   filehash58                   probe_filehash58 (MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512)
independent   system_info                  probe_system_info
independent   textfilecontent              probe_textfilecontent
independent   textfilecontent54            probe_textfilecontent54
independent   variable                     probe_variable
independent   xmlfilecontent               probe_xmlfilecontent
independent   yamlfilecontent              probe_yamlfilecontent
linux         iflisteners                  probe_iflisteners
linux         inetlisteningservers         probe_inetlisteningservers
linux         partition                    probe_partition
linux         rpminfo                      probe_rpminfo
linux         rpmverify                    probe_rpmverify
linux         rpmverifyfile                probe_rpmverifyfile
linux         rpmverifypackage             probe_rpmverifypackage
linux         selinuxboolean               probe_selinuxboolean
linux         selinuxsecuritycontext       probe_selinuxsecuritycontext
unix          dnscache                     probe_dnscache
unix          file                         probe_file
unix          fileextendedattribute        probe_fileextendedattribute
unix          interface                    probe_interface
unix          password                     probe_password
unix          process                      probe_process
unix          process58                    probe_process58
unix          routingtable                 probe_routingtable
unix          runlevel                     probe_runlevel
unix          shadow                       probe_shadow
unix          symlink                      probe_symlink
unix          sysctl                       probe_sysctl
unix          uname                        probe_uname
unix          xinetd                       probe_xinetd
 # 
 # /usr/local/bin/oscap --verbose INFO xccdf eval --results /tmp/results.xml --profile anssi_bp28_high --rule xccdf_org.ssgproject.content_rule_sebool_selinuxuser_execheap ssg-sle15-ds.xml
I: oscap: Identified document type: data-stream-collection
I: oscap: Created a new XCCDF session from a SCAP Source Datastream 'ssg-sle15-ds.xml'.
I: oscap: Validating XML signature.
I: oscap: Signature node not found
WARNING: Datastream component 'scap_org.open-scap_cref_pub-projects-security-oval-suse.linux.enterprise.15.xml' points out to the remote 'https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.15.xml'. Use '--fetch-remote-resources' option to download it.
WARNING: Skipping 'https://ftp.suse.com/pub/projects/security/oval/suse.linux.enterprise.15.xml' file which is referenced from datastream
I: oscap: Identified document type: Benchmark
I: oscap: File ssg-sle15-cpe-oval.xml has already been registered in Source DataStream session: ssg-sle15-ds.xml
I: oscap: Identified document type: cpe-list
WARNING: Skipping ./pub-projects-security-oval-suse.linux.enterprise.15.xml file which is referenced from XCCDF content
I: oscap: Started new OVAL agent ssg-sle15-oval.xml.
I: oscap: Querying system information.
I: oscap: Starting probe on URI 'queue://system_info'.
I: oscap: I will run system_info_probe_main:
--- Starting Evaluation ---

I: oscap: Evaluating a XCCDF policy with selected 'xccdf_org.ssgproject.content_profile_anssi_bp28_high' profile.
Title   Disable the selinuxuser_execheap SELinux Boolean
Rule    xccdf_org.ssgproject.content_rule_sebool_selinuxuser_execheap
Ident   CCE-91424-2
I: oscap: Evaluating XCCDF rule 'xccdf_org.ssgproject.content_rule_sebool_selinuxuser_execheap'.
I: oscap: Started new OVAL agent ssg-sle15-cpe-oval.xml.
I: oscap: Querying system information.
I: oscap: Starting probe on URI 'queue://system_info'.
I: oscap: I will run system_info_probe_main:
I: oscap: Evaluating definition 'oval:ssg-installed_OS_is_sle15:def:1': SUSE Linux Enterprise 15.
I: oscap: Evaluating family test 'oval:ssg-test_sle15_unix_family:tst:1': installed OS part of unix family.
I: oscap: Querying family object 'oval:ssg-obj_sle15_unix_family:obj:1', flags: 0.
I: oscap: Creating new syschar for family_object 'oval:ssg-obj_sle15_unix_family:obj:1'.
I: oscap: Starting probe on URI 'queue://family'.
I: oscap: I will run family_probe_main:
I: oscap: Test 'oval:ssg-test_sle15_unix_family:tst:1' requires that at least one object defined by 'oval:ssg-obj_sle15_unix_family:obj:1' exists on the system.
I: oscap: 1 objects defined by 'oval:ssg-obj_sle15_unix_family:obj:1' exist on the system.
I: oscap: All items matching object 'oval:ssg-obj_sle15_unix_family:obj:1' were collected. (flag=complete)
I: oscap: In test 'oval:ssg-test_sle15_unix_family:tst:1' all of the collected items must satisfy these states: 'oval:ssg-state_sle15_unix_family:ste:1'.
I: oscap: Entity 'family'='unix' of item '1130033' matches corresponding entity in state 'oval:ssg-state_sle15_unix_family:ste:1'.
I: oscap: Item '1130033' compared to state 'oval:ssg-state_sle15_unix_family:ste:1' with result true.
I: oscap: Test 'oval:ssg-test_sle15_unix_family:tst:1' evaluated as true.
I: oscap: Evaluating rpminfo test 'oval:ssg-test_sle15_desktop:tst:1': sled-release is version 15.
I: oscap: Querying rpminfo object 'oval:ssg-obj_sle15_desktop:obj:1', flags: 0.
I: oscap: Creating new syschar for rpminfo_object 'oval:ssg-obj_sle15_desktop:obj:1'.
I: oscap: Starting probe on URI 'queue://rpminfo'.
I: oscap: I will run rpminfo_probe_main:
I: oscap: Package "sled-release" not found.
I: oscap: Test 'oval:ssg-test_sle15_desktop:tst:1' requires that at least one object defined by 'oval:ssg-obj_sle15_desktop:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-obj_sle15_desktop:obj:1' exist on the system.
I: oscap: No item matching object 'oval:ssg-obj_sle15_desktop:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_sle15_desktop:tst:1' evaluated as false.
I: oscap: Evaluating rpminfo test 'oval:ssg-test_sle15_server:tst:1': sles-release is version 15.
I: oscap: Querying rpminfo object 'oval:ssg-obj_sle15_server:obj:1', flags: 0.
I: oscap: Creating new syschar for rpminfo_object 'oval:ssg-obj_sle15_server:obj:1'.
I: oscap: I will run rpminfo_probe_main:
I: oscap: Test 'oval:ssg-test_sle15_server:tst:1' requires that at least one object defined by 'oval:ssg-obj_sle15_server:obj:1' exists on the system.
I: oscap: 1 objects defined by 'oval:ssg-obj_sle15_server:obj:1' exist on the system.
I: oscap: All items matching object 'oval:ssg-obj_sle15_server:obj:1' were collected. (flag=complete)
I: oscap: In test 'oval:ssg-test_sle15_server:tst:1' all of the collected items must satisfy these states: 'oval:ssg-state_sle15_server:ste:1'.
I: oscap: Entity 'version'='15.2' of item '1130034' matches corresponding entity in state 'oval:ssg-state_sle15_server:ste:1'.
I: oscap: Item '1130034' compared to state 'oval:ssg-state_sle15_server:ste:1' with result true.
I: oscap: Test 'oval:ssg-test_sle15_server:tst:1' evaluated as true.
I: oscap: Evaluating rpminfo test 'oval:ssg-test_sles_15_for_sap:tst:1': SLES_SAP-release is version 15.
I: oscap: Querying rpminfo object 'oval:ssg-obj_sles_15_for_sap:obj:1', flags: 0.
I: oscap: Creating new syschar for rpminfo_object 'oval:ssg-obj_sles_15_for_sap:obj:1'.
I: oscap: I will run rpminfo_probe_main:
I: oscap: Package "SLES_SAP-release" not found.
I: oscap: Test 'oval:ssg-test_sles_15_for_sap:tst:1' requires that at least one object defined by 'oval:ssg-obj_sles_15_for_sap:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-obj_sles_15_for_sap:obj:1' exist on the system.
I: oscap: No item matching object 'oval:ssg-obj_sles_15_for_sap:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_sles_15_for_sap:tst:1' evaluated as false.
I: oscap: Evaluating rpminfo test 'oval:ssg-test_suma_4:tst:1': SUMA is version 4.
I: oscap: Querying rpminfo object 'oval:ssg-obj_suma_4:obj:1', flags: 0.
I: oscap: Creating new syschar for rpminfo_object 'oval:ssg-obj_suma_4:obj:1'.
I: oscap: I will run rpminfo_probe_main:
I: oscap: Package "SUSE-Manager-Server-release" not found.
I: oscap: Test 'oval:ssg-test_suma_4:tst:1' requires that at least one object defined by 'oval:ssg-obj_suma_4:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-obj_suma_4:obj:1' exist on the system.
I: oscap: No item matching object 'oval:ssg-obj_suma_4:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_suma_4:tst:1' evaluated as false.
I: oscap: Evaluating rpminfo test 'oval:ssg-test_sle_hpc:tst:1': SLE HPC release is version 15.
I: oscap: Querying rpminfo object 'oval:ssg-obj_sle_hpc:obj:1', flags: 0.
I: oscap: Creating new syschar for rpminfo_object 'oval:ssg-obj_sle_hpc:obj:1'.
I: oscap: I will run rpminfo_probe_main:
I: oscap: Package "SLE_HPC-release" not found.
I: oscap: Test 'oval:ssg-test_sle_hpc:tst:1' requires that at least one object defined by 'oval:ssg-obj_sle_hpc:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-obj_sle_hpc:obj:1' exist on the system.
I: oscap: No item matching object 'oval:ssg-obj_sle_hpc:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_sle_hpc:tst:1' evaluated as false.
I: oscap: Definition 'oval:ssg-installed_OS_is_sle15:def:1' evaluated as true.
I: oscap: Evaluating definition 'oval:ssg-installed_OS_is_sle15:def:1': SUSE Linux Enterprise 15.
I: oscap: Definition 'oval:ssg-installed_OS_is_sle15:def:1' evaluated as true.
I: oscap: Evaluating definition 'oval:ssg-installed_env_is_a_machine:def:1': Check if the scan target is a machine.
I: oscap: Criteria are extended by definition 'oval:ssg-installed_env_is_a_container:def:1'.
I: oscap: Evaluating definition 'oval:ssg-installed_env_is_a_container:def:1': Check if the scan target is a container.
I: oscap: Evaluating file test 'oval:ssg-test_installed_env_is_a_docker_container:tst:1': Check if /.dockerenv exists.
I: oscap: Querying file object 'oval:ssg-object_installed_env_is_a_docker_container:obj:1', flags: 0.
I: oscap: Creating new syschar for file_object 'oval:ssg-object_installed_env_is_a_docker_container:obj:1'.
I: oscap: Starting probe on URI 'queue://file'.
I: oscap: I will run file_probe_main:
I: oscap: Opening file '/.dockerenv'.
I: oscap: Test 'oval:ssg-test_installed_env_is_a_docker_container:tst:1' requires that every object defined by 'oval:ssg-object_installed_env_is_a_docker_container:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-object_installed_env_is_a_docker_container:obj:1' exist on the system.
I: oscap: Test 'oval:ssg-test_installed_env_is_a_docker_container:tst:1' does not contain any state to compare object with.
I: oscap: No item matching object 'oval:ssg-object_installed_env_is_a_docker_container:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_installed_env_is_a_docker_container:tst:1' evaluated as false.
I: oscap: Evaluating file test 'oval:ssg-test_installed_env_is_a_podman_container:tst:1': Check if /run/.containerenv exists.
I: oscap: Querying file object 'oval:ssg-object_installed_env_is_a_podman_container:obj:1', flags: 0.
I: oscap: Creating new syschar for file_object 'oval:ssg-object_installed_env_is_a_podman_container:obj:1'.
I: oscap: I will run file_probe_main:
I: oscap: Opening file '/run/.containerenv'.
I: oscap: Test 'oval:ssg-test_installed_env_is_a_podman_container:tst:1' requires that every object defined by 'oval:ssg-object_installed_env_is_a_podman_container:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-object_installed_env_is_a_podman_container:obj:1' exist on the system.
I: oscap: Test 'oval:ssg-test_installed_env_is_a_podman_container:tst:1' does not contain any state to compare object with.
I: oscap: No item matching object 'oval:ssg-object_installed_env_is_a_podman_container:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_installed_env_is_a_podman_container:tst:1' evaluated as false.
I: oscap: Definition 'oval:ssg-installed_env_is_a_container:def:1' evaluated as false.
I: oscap: Definition 'oval:ssg-installed_env_is_a_machine:def:1' evaluated as true.
I: oscap: Evaluating definition 'oval:ssg-installed_env_is_osbuild:def:1': Check if the environment is a OSBuild pipeline.
I: oscap: Evaluating environmentvariable58 test 'oval:ssg-test_installed_env_is_osbuild:tst:1': environment variable container is set to bwrap-osbuild.
I: oscap: Querying environmentvariable58 object 'oval:ssg-object_installed_env_is_osbuild:obj:1', flags: 0.
I: oscap: Creating new syschar for environmentvariable58_object 'oval:ssg-object_installed_env_is_osbuild:obj:1'.
I: oscap: Starting probe on URI 'queue://environmentvariable58'.
I: oscap: I will run environmentvariable58_probe_main:
I: oscap: Can't find process with requested PID.
I: oscap: Test 'oval:ssg-test_installed_env_is_osbuild:tst:1' requires that every object defined by 'oval:ssg-object_installed_env_is_osbuild:obj:1' exists on the system.
I: oscap: 0 objects defined by 'oval:ssg-object_installed_env_is_osbuild:obj:1' exist on the system.
I: oscap: No item matching object 'oval:ssg-object_installed_env_is_osbuild:obj:1' was found on the system. (flag=does not exist)
I: oscap: Test 'oval:ssg-test_installed_env_is_osbuild:tst:1' evaluated as false.
I: oscap: Definition 'oval:ssg-installed_env_is_osbuild:def:1' evaluated as false.
I: oscap: This rule requires an OCIL check. OCIL checks are not supported by OpenSCAP.
I: oscap: Adding external variable oval:ssg-var_selinuxuser_execheap:var:1.
I: oscap: Evaluating definition 'oval:ssg-sebool_selinuxuser_execheap:def:1': Disable the selinuxuser_execheap SELinux Boolean.
I: oscap: Evaluating selinuxboolean test 'oval:ssg-test_sebool_selinuxuser_execheap:tst:1': selinuxuser_execheap is configured correctly.
I: oscap: Querying selinuxboolean object 'oval:ssg-object_sebool_selinuxuser_execheap:obj:1', flags: 0.
I: oscap: Creating new syschar for selinuxboolean_object 'oval:ssg-object_sebool_selinuxuser_execheap:obj:1'.
I: oscap: Starting probe on URI 'queue://selinuxboolean'.
I: oscap: I will run selinuxboolean_probe_main:
W: oscap: Can't receive message: 125, Operation canceled.
E: oscap: Recv: retry limit (0) reached.
I: oscap: Test 'oval:ssg-test_sebool_selinuxuser_execheap:tst:1' evaluated as (null).
I: oscap: Definition 'oval:ssg-sebool_selinuxuser_execheap:def:1' evaluated as unknown.
Result  unknown

OpenSCAP Error: Probe at sd=1 (selinuxboolean) reported an error: Invalid type, value or format [/usr/local/openscap-1.3.8/src/OVAL/oval_probe_ext.c:384]
Unable to receive a message from probe [/usr/local/openscap-1.3.8/src/OVAL/oval_probe_ext.c:572]
Invalid oval result type: -1. [/usr/local/openscap-1.3.8/src/OVAL/results/oval_resultTest.c:181]
 # 

Seems that the problem appears with the selinuxboolean_object and friends

[evgenyz]

It looks like we need more logs in the probe. It either crashes or hangs.

[teacup-on-rockingchair]

I think I opened it with gdb and it exited but did not produce coredump.. if you think I can debug some specific function I guess I can walk through and provide some initial feedback

[evgenyz]

I think I opened it with gdb and it exited but did not produce coredump.. if you think I can debug some specific function I guess I can walk through and provide some initial feedback

Something is wrong in selinuxboolean_probe.c. No idea what is it, but OTOH the probe is not that complex, all it does is a couple of calls to selinux library. If you can pinpoint the location where it all goes south (not being able to retrieve a value) that would be great.

[teacup-on-rockingchair]

Just to document the effort, we have debugged the oscap tool in the reported situation, and it was caused by the oscap tool returning an error when one attempts to check selinuxboolean_object, when the system does not have selinux, i.e. security_get_boolean_names syscall returns error and sets errno ENOENT, i.e. there is no /selinux directory to keep selinux variables :)