Score:0

OSCAP doesn't work for remediation on Ubuntu 18.04 install

My oscap for Ubuntu 18.04 doesn't remediate with the commands or through the GUI through the SCAP Workbench.

`oscap xccdf eval --remediate --profile profilename xmlfilename`

This checks and shows the results for each STIG configuration, but then at the end of the output from the command it shows

`---starting remediation---`

but never performs the remediation.

Do I need the Ubuntu Advantage subscription for oscap to work?

Can you post exactly the command you are running? What is the output for a command like: `oscap xccdf generate fix --profile xccdf_org.ssgproject.content_profile_stig xmlfile`
I am root when I run the command. Here is the full command: `root@hostname:/opt# oscap xccdf eval --remediate --profile xccdf_mil.disa.stig_profile_MAC-3_Classified --results scan-xccdf-results.xml U_CAN_Ubuntu_18-04_V2R3_STIG_SCAP_1-2_Benchmark.xml` It checks all the settings in the STIG successfully, but then outputs "---Starting Remediation---" and never actually does the remediation. When I do `oscap xccdf generate fix --profile xccdf_org.ssgproject.content_profile_stig xmlfile` it says `FIX FOR THIS RULE IS MISSING`. Not sure what that would mean.
Score:1
Have you executed the command with elevated rights?

OSCAP as a product makes various changes to protected files, which means you need to execute the command as sudo.

Edit: Since you replied with the whole command and the whole error message, the most probable cause is that there is no fix yet supplied for that specific rule. You can try ignoring that rule from running, and that would help you generate the remediation.

Score:0
The SCAP file you are using, `U_CAN_Ubuntu_18-04_V2R3_STIG_SCAP_1-2_Benchmark.xml`, doesn't contain any remediations. It contains only OVAL checks, so it can only check the configuration but not fix it in case it's incorrect.

For SCAP content that also includes remediation/fixes, you can use the content provided by https://github.com/ComplianceAsCode/content/

On the releases page (latest release available: https://github.com/ComplianceAsCode/content/releases/download/v0.1.57/scap-security-guide-0.1.57.zip) you should be able to download the datastream for Ubuntu. But the STIG profile is only available for Ubuntu 20.04.

Then you can run:

`oscap xccdf eval --remediate --profile xccdf_org.ssgproject.content_profile_stig ssg-ubuntu2004-ds.xml`

But please be aware that this is a community-driven project and may not be aligned 100% with content provided by DISA.

DISA also provides Ansible content for Ubuntu 18.04. You may want to have a look: https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_CAN_Ubuntu_18-04_LTS_V2R2_STIG_Ansible.zip
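
An added example (not part of the original posts and not OpenSCAP's own code): a Python check that lists which rules in an XCCDF benchmark or data stream carry a `<fix>` element, which is what `--remediate` and `generate fix` rely on. The sample benchmark and all ids in it are constructed, and profile handling is simplified to direct rule `select` entries (group selections and profile `extends` are not resolved).

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample (made-up ids): one rule ships a <fix>, two are check-only.
SAMPLE = b"""<?xml version="1.0"?>
<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" id="xccdf_example_benchmark_demo">
  <Profile id="xccdf_example_profile_demo">
    <select idref="xccdf_example_rule_with_fix" selected="true"/>
    <select idref="xccdf_example_rule_check_only" selected="true"/>
  </Profile>
  <Rule id="xccdf_example_rule_with_fix" selected="false">
    <fix system="urn:xccdf:fix:script:sh">chmod 0600 /etc/example.conf</fix>
    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
  </Rule>
  <Rule id="xccdf_example_rule_check_only" selected="false">
    <check system="http://oval.mitre.org/XMLSchema/oval-definitions-5"/>
  </Rule>
  <Rule id="xccdf_example_rule_unselected" selected="false"/>
</Benchmark>"""

def local(tag):
    """Strip the XML namespace so XCCDF 1.1, 1.2 and data streams all match."""
    return tag.rsplit("}", 1)[-1]

def fix_coverage(xml_bytes, profile_id=None):
    """Map rule id -> list of fix systems shipped for it (empty = check only)."""
    root = ET.fromstring(xml_bytes)
    overrides = {}  # rule id -> selected flag set by the profile (direct selects only)
    for el in root.iter():
        if profile_id and local(el.tag) == "Profile" and el.get("id") == profile_id:
            overrides = {s.get("idref"): s.get("selected") in ("true", "1")
                         for s in el if local(s.tag) == "select"}
    coverage = {}
    for el in root.iter():
        if local(el.tag) != "Rule":
            continue
        default = el.get("selected", "true") in ("true", "1")
        if profile_id is None or overrides.get(el.get("id"), default):
            coverage[el.get("id")] = [f.get("system", "") for f in el
                                      if local(f.tag) == "fix"]
    return coverage

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    cov = fix_coverage(data, sys.argv[2] if len(sys.argv) > 2 else None)
    missing = sorted(r for r, fixes in cov.items() if not fixes)
    print(f"{len(cov) - len(missing)} of {len(cov)} rules ship a fix")
    for rule_id in missing:
        print("no fix:", rule_id)
```

Run it with the benchmark path as the first argument and, optionally, a profile id as the second; a result of 0 rules with a fix means the content can only be used for scanning.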