Write selinux denials in separate file

Use sova for discovering selinux denials and write
them to selinux_denials.log
Change-Id: I371b7f6bf3e72dbdf8dabbd6fac2bfe881358bc1
changes/73/755673/2
Sagi Shnaidman 2 years ago
parent 1ccb086b64
commit 480e33bd9a
  1. 8
      tasks/sova.yml

@ -13,6 +13,12 @@
"ironic-conductor": "/var/log/containers/ironic/ironic-conductor.log"
syslog: "/var/log/journal.txt"
logstash: "/var/log/extra/logstash.txt"
selinux: "/var/log/extra/denials.txt"
result: "{{ ansible_user_dir }}/workspace/logs/failures_file"
result_file_dir: "{{ ansible_user_dir }}/workspace/logs"
- name: Run sova task
sova:
config: "{{ pattern_config }}"
files:
selinux: "/var/log/extra/denials.txt"
result: "{{ ansible_user_dir }}/workspace/logs/selinux_denials.log"

Loading…
Cancel
Save