I am getting an error when I try and use the CIS-CAT Pro Assessor download for Linux with embedded Java
Product Name
CIS-CAT Pro Assessor
Product Version
Linux v4.27.0+
Date
Apr 13, 2023
Problem
After downloading the Linux bundle with JRE included and launching an Assessment over Terminal, I am getting an error stating:
“Error: Java is not in the JRE folder”
Solution
This download is designed for Linux ONLY operating systems and includes only shell scripts for tool operation on Linux. Centralized scripts utilize the embedded Java.
Users MUST ensure that the jre folder of the build has appropriate read and execute permissions in order for the assessment process to function. Where possible, CIS encourages Members to apply the principle of least privilege and provide Read and Execute to only the owner or owner and group.
An example of “least privilege” that members have found successful is setting read and execute by the owner (
500) or owner and group (550) for just thejrefolder is enough as that is where all the Java binaries needed for CIS-CAT execution are stored. An example command for this would be$ chmod -R 550 ~/mypath/Assessor/jrePlease Note: CIS Linux Benchmarks recommend preventing executions from partitions/file mounts
/tmpor/var. Extracting CIS-CAT to those locations and setting the permission at a lower level of thejredirectory will not allow execution of the program. As such, it is recommend that the CIS-CAT Pro Assessor directory be placed in a different location from partitions/file mounts such as/tmpor/var).
The embedded Java is only suitable for Linux OS, not MacOS. Please see this article if you are unable to use the MacOS with embedded Java [JRE]
Keywords; JRE Java Assessor MacOS Linux Permissions
Content by Label