Background
Instead of creating a new properties file for unique assessments, individual user properties may be specified using the -D option together with a property=value pair. This allows an assessment to only override specific user properties when only a small number differ from the defaults.
Problem
We have seen an issue when using the Miscellaneous Option of -D to assess postgresql databases. The command line assessment will fail with this error;
-- [obj:26334500] sql57_object: No description provided................. Exception in thread "main" org.postgresql.util.PSQLException: The server requires password-based authentication, but no password was specified.
Solution
In this specific example, the property=value must be enclosed in quotes so that the full jdbc command is passwd to CIS-CAT. For example;
-D "xccdf_org.cisecurity_value_jdbc.url=jdbc:postgresql://127.0.0.1:5432/ciscatdb?user=ciscat&password=ciscat"
Related articles
Filter by label
There are no items with the selected labels at this time.
Add Comment