9 Replies Latest reply on Jan 26, 2012 9:24 AM by R V

    Troubleshooting Scriptutil Extended Objects

      I'm running BBSA 8.0sp5 and have having issues with a couple Extended objects that use scriptutil getting usage messages back

       

      Example: 

      "User Accounts and Environment Configuration" EO for Linux.

      Command: scriptutil -h -h ??TARGET.HOST?? -s user_account_and_env_config

      in share/sensors, the user_account_and_env_config.* files exist for the different OS.

       

      When I try to view the extentded object I get:

      <Usage> scriptutil -h [HOST] -s unowned_files_dirs [directory to exclude]....</Usage>

       

      Not sure why the message is referring to unowned_files_dirs, when the extended object is defined as user_account_and_env_config

        • 1. Re: Troubleshooting Scriptutil Extended Objects

          Can you open up that sensor (extended object) and look at the usage function? It may just be that someone used  unowned_files_dir as a template and never updated the usage function

          • 2. Troubleshooting Scriptutil Extended Objects

            Well, from the script:

             

            # 1: Function: parse_args ()

            #

            # Get the required input

            #

            # Define directories that need to be fExcluded (multiple folder must be

            # separated by commas) or the entire filesystem will be scanned.

            # Default value for fExcludeS is N (no dir to be fExcluded).

            #

            #

            parse_args ()

            {

                    if [ $# -gt 1  ]

                    then

                            MAX_DISK_PERCENT=$1

                            USER_DIRs=`echo $2 | sed 's/,/ /g'`

                    GREP_EXCLUDE_DIRs=`echo "^$2" | sed 's/,/\$\\\|^/g'`

                    GREP_EXCLUDE_DIRs=`echo "${GREP_EXCLUDE_DIRs}\$\\\|^$2/" | sed 's/,\//\\\|^/g'`

                    elif [ $# -gt 0 ]

                    then

                            MAX_DISK_PERCENT=80

                    else

                            echo "<Usage> scriptutil -h [HOST] -s unowned_files_dirs [directory to exclude]...</Usage>"

                            exit 0

                    fi

             

            }

             

            Is this syntax line wrong, or is this whole section wrong?

            • 3. Troubleshooting Scriptutil Extended Objects

              Header of file:

              ! /bin/sh

              #<name> user_account_and_env_config.Linux.sh

              #<desc> [Linux] Audit User Accounts and Environment Configuration

              #<type> Sensor

              #<sci>  Linux Compliance

              #<owner> Copyright (C) 2005 BladeLogic, Inc.

              #######################################################################

              #<doc> NAME

              #<doc>         user_account_and_env_config

              #<doc>

              #<doc> SYNTAX

              #<doc>         user_account_and_env_config

              #<doc>

              #<doc> DIAGNOSTICS

              #<doc>         Exit code 0 if successful

              #<doc>                   0 on failure

              #<doc>

              #<doc> DESCRIPTION

              #<doc>         Scan system for user's home-directories and files 

              #<doc>         permission and ownership.    

              #######################################################################

              #  MODIFY DATE   MODIFIED BY   REASON FOR & DESCRIPTION OF MODIFICATION

              #  -----------  -------------  ----------------------------------------

              #  11/30/06     Maria Cabral   Written

              #  11/29/07     Maria Cabral   Added DISA STIG support and updated find

              #               to ignore nfs filesystem.

              #######################################################################

               

              Do I somehow still have an old version, I've just installed the 8.0 contrib content, but maybe a remnant of an earlier release?

              • 4. Re: Troubleshooting Scriptutil Extended Objects

                It would seem to me that whole portion is wrong, given the name of the script. File a ticket please. Bill and I will see if we can channel this internally. Post the ticket number.

                • 5. Re: Troubleshooting Scriptutil Extended Objects

                  It’s possible, but I am following up with the author to be sure.

                  • 6. Re: Troubleshooting Scriptutil Extended Objects
                    Bill Robinson

                    i think it's fine.  i'm looking at the lastest copy of that user_account_and_env_config.Linux.sh file and it has the

                                   echo "<Usage> scriptutil -h [HOST] -s unowned_files_dirs [directory to exclude]

                    ...</Usage>"

                     

                    in it.  many of the EOs are similar so i'm not suprised things were cut and paste.

                     

                    so what's the actual problem ?

                    • 7. Troubleshooting Scriptutil Extended Objects

                      When I run a compliance job using the "CIS - RedHat 5" template, section 11.2 fails to collect.  That's using the above mentioned Extended Object.  If I try to view the extended object in the UI it fails with the usage statement.

                       

                      The compliance run for that section shows Rule Definition as:

                      "Extended Object Entry:BL-LXO User Accounts and Environment Configuration//ACCOUNT_STATUS/DUPLICATE_UID/Compliant"."Value1 as String(All OS)" equals "Yes" as failing

                       

                      Yet visual confirmation that there's no duplicate uid

                       

                      Created a ticket ISS03872437

                      • 8. Troubleshooting Scriptutil Extended Objects

                        Does that extended object work when you you view it in the UI Bill?

                        • 9. Troubleshooting Scriptutil Extended Objects
                          R V

                          As is this is still tagged as not answered: do you really have TWO "-h -h" in the command section of the E.O.?