miabbott
commented
7 years ago Note, there is no ausearch in RHELAH, so we'll have to grep through the journal in that case.
Closed miabbott closed 7 years ago
miabbott
commented
7 years ago Note, there is no ausearch in RHELAH, so we'll have to grep through the journal in that case.
dustymabe
commented
7 years ago another case where we should probably align better between upstream and downstream
dustymabe
commented
7 years ago I know this is related to https://bugzilla.redhat.com/show_bug.cgi?id=1461978 but we may be able to catch it from the other end as well. Basically should we go through directories to make sure labels are correct? Something like restorecon -vnR /etc/ to see if there are any files with wrong labels.
For that particular bug we would want to make sure files match policy for before and after deployment.
miabbott
commented
7 years ago 
We should put some checks in the
improved-sanity-testto look for AVC denials in the journal.Offhand, I'd say do a check before and after every boot/reboot. This should let us catch any denials that happen during boot or any that were silently ignored before the system reboots.
cc: @dustymabe