Based on recent discussions, turn the test into a diff-like tool the output of which is to be always reviewed by a human.
This is in contrast to the old (current) state which treats the test as a regression test, assuming it is meant to normally pass.
And that would make sense if we wanted to keep audit rule lists stored in the content identical with auditd samples, but we (CaC/content) do not want that.
Instead, the intention is to just alert about any differences, and let the humans decide whether they are significant enough to update the CaC/content audit rules, and how.
Based on recent discussions, turn the test into a diff-like tool the output of which is to be always reviewed by a human.
This is in contrast to the old (current) state which treats the test as a regression test, assuming it is meant to normally
pass.And that would make sense if we wanted to keep audit rule lists stored in the content identical with auditd samples, but we (CaC/content) do not want that.
Instead, the intention is to just alert about any differences, and let the humans decide whether they are significant enough to update the CaC/content audit rules, and how.