Run OpenSCAP scan does not work for Ansible deployments from the Red Hat Satellite 6 Web UI

Resolution

• This problem has been reported to Red Hat Engineering team and is currently being worked on via Bugzilla 1732707.

• As a workaround of this problem please perform the steps below on your Satellite 6.6 server:

  --> Take a backup of this file as displayed below:
  
  # cp -p  /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-*/app/models/concerns/foreman_openscap/host_extensions.rb  ~/host_extensions.rb_orig
  
  --> Edit the file above and  At line 3 append as shown below:
  
  #  grep -E "::Host::Managed::Jail.allow :policies_enc, :policies_enc_raw" /opt/theforeman/tfm/root/usr/share/gems/gems/foreman_openscap-1.0.8/app/models/concerns/foreman_openscap/host_extensions.rb 
  ::Host::Managed::Jail.allow :policies_enc, :policies_enc_raw
  
   --> From UI > Hosts > Job Templates > search "Run OpenSCAP scans" > click on Run OpenSCAP scans  and replace the content of the file with the following:
  
   <% raise "Create and assign a policy to this host before proceeding" if @host.policies_enc_raw.empty? %>
  
   <% @host.policies_enc_raw.map do |policy| -%>
    /usr/bin/foreman_scap_client <%= policy['id'] %>
   <% end -%>
  
  # satellite-maintain service restart
  

• Now try to Run OpenSCAP scan and the job should be successful.
• If the above workaround still doesn't fix the problem then open a support case with Red Hat Technical Support for further assistance.