CCS Error the following commands are not whitelisted c=`rpm
search cancel

CCS Error the following commands are not whitelisted c=`rpm

book

Article ID: 242472

calendar_today

Updated On:

Products

Control Compliance Suite Standards Server Control Compliance Suite Control Compliance Suite Standards Module

Issue/Introduction

In Control Compliance Suite, after making a copy of a predefined Linux Standard, when running a data collection job you are getting the following error.

The following commands are not whitelisted c=`rpm

More examples.

The following commands are not whitelisted in the Linux section : bname=""""$(basename, fugname=""""$(_>#SuDo#<_, l_fwd_status=""""$(_>#SuDo#<_, l_output="""""""". 

Or

bname="$(basename, fugname="$(_&gt;#SuDo#&lt;_, l_fwd_status="$(_&gt;#SuDo#&lt;_, l_output=""

Cause

The predefined Standards by default bypass the CommandWhitelist requirements.

Resolution

After making a copy of a predefined Standard it becomes a custom Standard and any command based checks then need to have all commands listed in the CommandWhitelist.ini file on each CCS Manager doing data collection.

In this case the check '1.7.2 Ensure GDM login banner is configured for RHEL' has the following command.

c=`rpm -q gdm 2>/dev/null`; if [[ ${c} != *"not installed"* ]]; then echo "Pass"; egrep "^user-db:user$|^system-db:gdm$|^file-db:/usr/share/gdm/greeter-dconf-defaults$" /etc/dconf/profile/gdm 2>/dev/null; egrep -rin "banner-message-enable=true|banner-message-text=*" /etc/dconf/db/gdm.d/ 2>/dev/null;else echo "Fail"; fi

As that first part "c=`rpm" are altogether with no space CCS recognizes this as a single command.

Edit the CommandWhitelist.ini file and add in the command "c=`rpm" to the bottom of the [Linux] section of commands. Make sure this is done on each CCS Manager.

Please refer to the following documentation on how to add the command to the CommandWhitelist.ini file.

About whitelisting commands for Commands entity for UNIX

Additional Information

When exporting the results to a CSV file format if there is a " it will cause the output to contain to many ". Export in a different file format such as XML or xls and the results will be correct.

For example:

bname=""""$(basename, fugname=""""$(_>#SuDo#<_, l_fwd_status=""""$(_>#SuDo#<_, l_output=""""""""

should be output as:

bname="$(basename, fugname="$(_&gt;#SuDo#&lt;_, l_fwd_status="$(_&gt;#SuDo#&lt;_, l_output=""

Each command should be added to the CommandWhitelist.ini file, such as.

grubby
modprobe
which
bname="$(basename
fugname="$(_>#SuDo#<_ 
l_fwd_status="$(_>#SuDo#<_
l_output=""
UID_MIN=$(_>#SuDo#<_
basename
chage

Powered by Wolken Software