Hi, it could be easier to debug the probe in 'master' branch, where probes are not separate processes, but are included in the oscap process.
Regards Jan Černý Security Technologies | Red Hat, Inc. ----- Original Message ----- > From: "Šimon Lukašík" <[email protected]> > To: [email protected] > Sent: Thursday, April 19, 2018 7:52:36 AM > Subject: Re: [Open-scap] Debugging xinetd_probe > > On 04/19/2018 01:07 AM, Joy Latten wrote: > > Hi, > > > > I am new to OVAL, so my apologies if I make a few incorrect > > statements. I get weird results when I scan some OVAL that I and a > > colleague wrote for xinetd. I would like to dig a bit deeper to get an > > understanding of what is going on and see if the problem is in the oval > > or the xinetd_probe. I took a look at the OpenSCAP User Manual in the > > section about Debugging. I would like to run gdb on the xinetd_probe, so > > did > > > > ./run gdb src/OVAL/probes/.libs/probe_xinetd > > > > within gdb I entered the following that I cut-and-paste from my logfile, > > > > run ("seap.msg" ":id" 0 (("xinetd_object" ":id" > > "oval:com.myubuntu:obj:5536" ":oval_version" "5.11.1" ) (("protocol" > > ":operation" 5 ":var_check" 1 ) "tcp" ) (("service_name" ":operation" 5 > > ":var_check" 1 ) "chargen" ) ) ) > > > > but I get the error message, > > > > /bin/bash: -c: line 0: syntax error near unexpected token `(' > > During startup program exited with code 1. > > (gdb) > > > > What is the correct way to enter input to debug a probe in gdb? > > > > I wish I had remembered. :-) > > I think the SEXP (the input you pass in) needs to go to stdin of probe > (but it has been while since I have been there). > > I think i replaced the probe with a shell script that runs the probe and > logs inputs and outputs and this way I learned to debug it. > > Good luck, > ~š. > > _______________________________________________ > Open-scap-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/open-scap-list _______________________________________________ Open-scap-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/open-scap-list
