Description
Hi,
When trying to run the following to perform a compliance scan on an Alpine Docker host against an AmazonLinux 2023 Docker image:
```
oscap-docker image public.ecr.aws/amazonlinux/amazonlinux:2023 xccdf eval \
  --profile xccdf_org.ssgproject.content_profile_cis --results oscap_report.xml --report oscap_report.html \
  /tmp/scap-security-guide-0.1.76/ssg-al2023-ds.xml
```
It worked fine until it hit the rule "xccdf_org.ssgproject.content_rule_sshd_enable_pam", then I got the error "W: oscap: Requested offline mode is not supported by uname probe.":
```
Disable X11 Forwarding
xccdf_org.ssgproject.content_rule_sshd_disable_x11_forwarding
notapplicable
Do Not Allow SSH Environment Options
xccdf_org.ssgproject.content_rule_sshd_do_not_permit_user_env
notapplicable
Enable PAM
xccdf_org.ssgproject.content_rule_sshd_enable_pam
W: oscap: Requested offline mode is not supported by uname probe.
Assertion failed: false (/home/buildozer/aports/community/openscap/src/openscap-1.4.0/src/XCCDF_POLICY/xccdf_policy.c: xccdf_policy_is_item_selected: 628)
Temporary container f1a681085e5fbaf430c37ec43661f45bcf0d42f605becf2f9927126bea120c5e cleaned
Cleaning temporary extracted container...
```
What is weird is that if I run the scan from within the Docker image public.ecr.aws/amazonlinux/amazonlinux:2023 using oscap with the same datastream and profile, it works fine: the rule returns "notapplicable" and moves on to finish the scan.
Do you have any clue what could have caused the issue? Thanks.