From b4aa76a819d6ae3d6249bb4dd72559e4e471c433 Mon Sep 17 00:00:00 2001
From: Wes Hayutin
Date: Wed, 21 Apr 2021 08:30:53 -0600
Subject: [PATCH] add sealert diagosis of selinux errors
Change-Id: I698ffb89477a7bca29a83ad943816c0c30d0d3f5
---
 roles/collect_logs/defaults/main.yml | 5 ++++-
 roles/collect_logs/tasks/collect.yml | 7 +++++++
 2 files changed, 11 insertions(+), 1 deletion(-)
diff --git a/roles/collect_logs/defaults/main.yml b/roles/collect_logs/defaults/main.yml
index 4044d73..2e2b26c 100644
--- a/roles/collect_logs/defaults/main.yml
+++ b/roles/collect_logs/defaults/main.yml
@@ -281,9 +281,12 @@ artcl_commands:
 cmd: |
 systemctl list-units --full --all
 systemctl status "*"
- denials:
+ selinux_denials:
 cmd: >
 grep -i denied /var/log/audit/audit*
+ selinux_denials_detail:
+ cmd: >
+ sealert -a /var/log/extra/selinux_denials.txt
 seqfaults:
 cmd: >
 grep -v ansible-command /var/log/messages | grep segfault
diff --git a/roles/collect_logs/tasks/collect.yml b/roles/collect_logs/tasks/collect.yml
index ed10e25..9a3c661 100644
--- a/roles/collect_logs/tasks/collect.yml
+++ b/roles/collect_logs/tasks/collect.yml
@@ -27,6 +27,13 @@
 data: "{{ combined_cmds | dict2items|selectattr('key', 'in', collect_log_types) | list | items2dict }}"
 register: artcl_commands_flatten
+ - name: install setools
+ ansible.builtin.package:
+ name:
+ - setools
+ - setroubleshoot
+ state: present
+
 - name: Run artcl_commands
 # noqa 305
 # noqa 102 :: No Jinja2 in when
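Review bot: In roles/collect_logs/defaults/main.yml, `selinux_denials_detail` analyses `/var/log/extra/selinux_denials.txt`, so it only works if the `selinux_denials` entry has already run and written its output to that path; nothing in this hunk guarantees that order, and the path is presumably derived from the key name by code outside the hunk. That input is the output of `grep -i denied /var/log/audit/audit*`, which prefixes every line with the file name when the glob matches more than one log and keeps only the matching lines of each audit event, so sealert may parse little or nothing from it. Pointing the command at the audit log itself, `sealert -a /var/log/audit/audit.log`, removes both dependencies. The rename from `denials` to `selinux_denials` presumably renames the collected file as well, so anything that looks for the old name needs updating.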
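Review bot: In roles/collect_logs/tasks/collect.yml, the new `install setools` task runs unconditionally before `Run artcl_commands`, so a host without a reachable package repository, or a run without the needed privileges, would fail here and, unless errors are ignored at a level outside the hunk, stop log collection on exactly the nodes where the logs matter most. It also changes the host being inspected, since the install adds packages and writes package-manager and audit entries just before the logs are gathered; a comment such as `# packages needed by the selinux_denials_detail command; best effort only` would make that intent explicit. Adding `ignore_errors: true` to the task, together with a `when:` that limits it to runs that actually collect the SELinux detail output, would keep the collector usable when the install cannot succeed. The task name mentions only setools although setroubleshoot is installed too. The task list continues outside the hunk.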