Skip to content

sysctl_kernel_core_pattern_empty_string fails on RHEL9.8 #14373

New issue
New issue
Open
Open
sysctl_kernel_core_pattern_empty_string fails on RHEL9.8#14373
Assignees
vojtapolasek
Labels
productization-issueIssue found in upstream stabilization process.triaged
@ggbecker

Description

@ggbecker
ggbecker
opened on Feb 9, 2026

Description of problem:

Remediation output from the remediation-arf.xml results:

grep: /run/sysctl.d/*.conf: No such file or directory
sysctl: permission denied on key "kernel.core_pattern"

9.8	fail	/hardening/container/anaconda-ostree/ospp	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/container/anaconda-ostree/ospp		output.txt report.html remediation-arf.xml scan-arf.xml	
9.8	fail	/hardening/container/bootc-image-builder/ospp	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/container/bootc-image-builder/ospp		output.txt report.html remediation-arf.xml scan-arf.xml	
9.8	fail	/hardening/image-builder/cui	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/image-builder/cui		output.txt report.html scan-arf.xml contest-osbuild.txt	
9.8	fail	/hardening/anaconda/ospp	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/anaconda/ospp		output.txt report.html scan-arf.xml	
9.8	fail	/hardening/image-builder/ospp	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/image-builder/ospp		output.txt report.html scan-arf.xml contest-osbuild.txt	
9.8	fail	/hardening/container/bootc-image-builder/cui	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/container/bootc-image-builder/cui		output.txt report.html remediation-arf.xml scan-arf.xml	
9.8	fail	/hardening/anaconda/cui	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/anaconda/cui		output.txt report.html scan-arf.xml	
9.8	fail	/hardening/container/anaconda-ostree/cui	sysctl_kernel_core_pattern_empty_string		
9.8	fail	/hardening/container/anaconda-ostree/cui		output.txt report.html remediation-arf.xml scan-arf.xml

SCAP Security Guide Version:

de118d6

Operating System Version:

RHEL 9.8

Actual Results:

Fail after remediation

Expected Results:

Passes after remediation

Additional Information/Debugging Steps:

Can this be related to #14353 as it changed the behavior for the sysctl template? although this rule does not use the template at all.
https://github.com/ComplianceAsCode/content/blob/master/linux_os/guide/system/permissions/restrictions/sysctl_kernel_core_pattern_empty_string/rule.yml

Metadata

Metadata

Assignees

Labels

productization-issueIssue found in upstream stabilization process.triaged

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions