add sealert diagosis of selinux errors

Change-Id: I698ffb89477a7bca29a83ad943816c0c30d0d3f5

roles/collect_logs/defaults/main.yml

@@ -281,9 +281,12 @@ artcl_commands:
       cmd: |
         systemctl list-units --full --all
         systemctl status "*"
-    denials:
+    selinux_denials:
       cmd: >
         grep -i denied /var/log/audit/audit*
+    selinux_denials_detail:
+      cmd: >
+        sealert -a /var/log/extra/selinux_denials.txt
     seqfaults:
       cmd: >
         grep -v ansible-command /var/log/messages | grep segfault

roles/collect_logs/tasks/collect.yml

@@ -27,6 +27,13 @@
         data: "{{ combined_cmds | dict2items|selectattr('key', 'in', collect_log_types) | list | items2dict }}"
       register: artcl_commands_flatten
 
+    - name: install setools
+      ansible.builtin.package:
+        name:
+          - setools
+          - setroubleshoot
+        state: present
+
     - name: Run artcl_commands
       # noqa 305
       # noqa 102 :: No Jinja2 in when