ComplianceAsCode / content

Security automation content in SCAP, Bash, Ansible, and other formats

Home Page: https://complianceascode.readthedocs.io/en/latest/

network_sniffer_disabled RHEL8 Playbook Task Failing

adampankow opened this issue

Description of problem:

When the network sniffer disabling task runs in the RHEL8 playbook, it fails when it encounters a VLAN atop a bonded interface (i.e. `bond.70@bond0`) due to it attempting to run `ip link set dev {{ item.split(':')[1] }} multicast off promisc off` using the full interface name returned by the `ip -o link show` command. In order for the `set dev` command to succeed, it looks to need to be run using only `bond.70`.

SCAP Security Guide Version:

N/A

Operating System Version:

RHEL8.9

Steps to Reproduce:

  1. Run RHEL8 Playbook on a host with an interface consisting of a VLAN atop a bonded interface

Actual Results:

Task returns:
failed: [hostname] (item=15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000) => {"ansible_loop_var": "item", "changed": true, "cmd": ["ip", "link", "set", "dev", "bond0.70@bond0", "multicast", "off", "promisc", "off"], "delta": "0:00:00.039773", "end": "2024-04-25 06:53:34.691195", "item": "15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000", "msg": "non-zero return code", "rc": 1, "start": "2024-04-25 06:53:34.651422", "stderr": "Cannot find device "bond0.70@bond0"", "stderr_lines": ["Cannot find device "bond0.70@bond0""], "stdout": "", "stdout_lines": []}

Expected Results:

Task returns:
ok: [hostname]

Additional Information/Debugging Steps:

I suspect similar would result using OpenSCAP.
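The following is an added example, not part of the original issue and not the project's own remediation code. It shows one way to turn `ip -o link show` lines into names that `ip link set dev` accepts by dropping the `@parent` suffix. The function names and the sample lines are constructed for illustration, and the last function only prints the commands instead of running them.

```shell
#!/bin/sh
# Constructed sample of `ip -o link show` output (not captured from a real host).
sample_links() {
cat <<'EOF'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
2: eno1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc mq master bond0 state UP mode DEFAULT group default qlen 1000
14: bond0: <BROADCAST,MULTICAST,PROMISC,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
15: bond0.70@bond0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
EOF
}

# Print the device name from each `ip -o link show` line read on stdin.
# Field 2 is "name:" or, for stacked devices such as VLANs, "name@parent:".
# Only the part before "@" is a device name that `ip link set dev` can find.
link_dev_names() {
    awk '{ name = $2; sub(/:$/, "", name); sub(/@.*$/, "", name); print name }'
}

# Print only the devices whose flag list contains PROMISC (audit view).
promisc_devs() {
    awk '$3 ~ /[<,]PROMISC[,>]/ {
        name = $2; sub(/:$/, "", name); sub(/@.*$/, "", name); print name
    }'
}

# Dry run: print the command the task would issue for every device on stdin.
remediation_cmds() {
    link_dev_names | while IFS= read -r dev; do
        printf 'ip link set dev %s multicast off promisc off\n' "$dev"
    done
}

# Show the commands for the constructed sample.
sample_links | remediation_cmds
```

On a live host the input would come from `ip -o link show` instead of `sample_links`.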