use sova to check for selinux denials

sova is already parsing logs for common errors.
Should be an easy win to flag selinux denials

Change-Id: I5afd3998cce051905f7a972089230003a0a59d87
changes/73/751273/4
Wes Hayutin 2 years ago
parent f8b71834a1
commit 0d20ac4696
  1. 1
      tasks/sova.yml
  2. 6
      vars/sova-patterns.yml

@ -13,5 +13,6 @@
"ironic-conductor": "/var/log/containers/ironic/ironic-conductor.log"
syslog: "/var/log/journal.txt"
logstash: "/var/log/extra/logstash.txt"
selinux: "/var/log/extra/denials.txt"
result: "{{ ansible_user_dir }}/workspace/logs/failures_file"
result_file_dir: "{{ ansible_user_dir }}/workspace/logs"

@ -775,3 +775,9 @@ patterns:
msg: 'Introspection failed, cannot get IP address'
tag: 'infra'
pattern: 'socket.error: [Errno 99] Cannot assign requested address'
"selinux":
- id: 700
logstash: 'denied'
msg: 'selinux denials found'
tag: 'code'
pattern: 'denied'

Loading…
Cancel
Save