You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When the network sniffer disabling task runs in the RHEL8 playbook it fails when it encounters a VLAN atop a bonded interface (i.e. bond.70@bond0) due to it attempting to run ip link set dev {{ item.split(':')[1] }} multicast off promisc off using the full interface name returned by the ip -o link show command. In order for the set dev command to succeed it looks to need to be run using only bond.70.
SCAP Security Guide Version:
N/A
Operating System Version:
RHEL8.9
Steps to Reproduce:
Run RHEL8 Playbook on a host with an interface consisting of a VLAN atop a bonded interface
Actual Results:
Task returns:
failed: [hostname] (item=15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000) => {"ansible_loop_var": "item", "changed": true, "cmd": ["ip", "link", "set", "dev", "bond0.70@bond0", "multicast", "off", "promisc", "off"], "delta": "0:00:00.039773", "end": "2024-04-25 06:53:34.691195", "item": "15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000", "msg": "non-zero return code", "rc": 1, "start": "2024-04-25 06:53:34.651422", "stderr": "Cannot find device "bond0.70@bond0"", "stderr_lines": ["Cannot find device "bond0.70@bond0""], "stdout": "", "stdout_lines": []}
Expected Results:
Task returns:
ok: [hostname]
Additional Information/Debugging Steps:
I suspect similar would result using OpenSCAP
The text was updated successfully, but these errors were encountered:
Description of problem:
When the network sniffer disabling task runs in the RHEL8 playbook it fails when it encounters a VLAN atop a bonded interface (i.e.
bond.70@bond0
) due to it attempting to runip link set dev {{ item.split(':')[1] }} multicast off promisc off
using the full interface name returned by theip -o link show
command. In order for theset dev
command to succeed it looks to need to be run using onlybond.70
.SCAP Security Guide Version:
N/A
Operating System Version:
RHEL8.9
Steps to Reproduce:
Actual Results:
Task returns:
failed: [hostname] (item=15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000) => {"ansible_loop_var": "item", "changed": true, "cmd": ["ip", "link", "set", "dev", "bond0.70@bond0", "multicast", "off", "promisc", "off"], "delta": "0:00:00.039773", "end": "2024-04-25 06:53:34.691195", "item": "15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000", "msg": "non-zero return code", "rc": 1, "start": "2024-04-25 06:53:34.651422", "stderr": "Cannot find device "bond0.70@bond0"", "stderr_lines": ["Cannot find device "bond0.70@bond0""], "stdout": "", "stdout_lines": []}
Expected Results:
Task returns:
ok: [hostname]
Additional Information/Debugging Steps:
I suspect similar would result using OpenSCAP
The text was updated successfully, but these errors were encountered: