Closed miabbott closed 7 years ago
Note, there is no ausearch
in RHELAH, so we'll have to grep
through the journal in that case.
another case where we should probably align better between upstream and downstream
I know this is related to https://bugzilla.redhat.com/show_bug.cgi?id=1461978 but we may be able to catch it from the other end as well. Basically should we go through directories to make sure labels are correct? Something like restorecon -vnR /etc/
to see if there are any files with wrong labels.
For that particular bug we would want to make sure files match policy for before and after deployment.
We should put some checks in the
improved-sanity-test
to look for AVC denials in the journal.Offhand, I'd say do a check before and after every boot/reboot. This should let us catch any denials that happen during boot or any that were silently ignored before the system reboots.
cc: @dustymabe