search

redhat-cop / infra.leapp

Collection of Ansible roles for automating RHEL in-place upgrades using Leapp.
MIT License
43 stars 33 forks source link

Allow treating all high risk findings as inhibitors #199

Closed myllynen closed 1 month ago

myllynen commented 1 month ago

Resolves: #197

jeffmcutter commented 1 month ago

Tested both ways successfully.


RUNNING HANDLER [infra.leapp.analysis : Display inhibitors] ***********************************************************************************************************************************************************************************************************************************************************
ok: [satrhel8-1.localdomain.local] => {
    "results_inhibitors.stdout_lines": [
        "Risk Factor: high ",
        "Title: Remote root logins globally allowed using password",
        "Summary: RHEL9 no longer allows remote root logins, but the server configuration explicitly overrides this default. The configuration file will not be updated and root is still going to be allowed to login with password. This is not recommended and considered as a security risk.",
        "Remediation: [hint] If you depend on remote root logins using passwords, consider setting up a different user for remote administration. Otherwise you can ignore this message.",
        "Key: e738f78bc8f3a84411a4210e3b609057139d1855",
        "----------------------------------------",
        "Risk Factor: high ",
        "Title: GRUB2 core will be automatically updated during the upgrade",
        "Summary: On legacy (BIOS) systems, GRUB2 core (located in the gap between the MBR and the first partition) cannot be updated during the rpm transaction and Leapp has to initiate the update running \"grub2-install\" after the transaction. No action is needed before the upgrade. After the upgrade, it is recommended to check the GRUB configuration.",
        "Key: ac7030e05d2ee248d34f08a9fa040b352bc410a3",
        "----------------------------------------"
    ]
}
Monday 03 June 2024  12:00:08 +0800 (0:00:00.041)       0:03:06.645 *********** 
 [started HANDLER: infra.leapp.analysis : Display errors on satrhel8-1.localdomain.local]

RUNNING HANDLER [infra.leapp.analysis : Display errors] ***************************************************************************************************************************************************************************************************************************************************************
skipping: [satrhel8-1.localdomain.local]
Monday 03 June 2024  12:00:09 +0800 (0:00:00.035)       0:03:06.680 *********** 
 [started HANDLER: infra.leapp.analysis : Preupgrade analysis report is done on satrhel8-1.localdomain.local]

RUNNING HANDLER [infra.leapp.analysis : Preupgrade analysis report is done] *******************************************************************************************************************************************************************************************************************************************
ok: [satrhel8-1.localdomain.local] => {
    "msg": "The preupgrade analysis report generation is now complete. WARNING: Inhibitors found. Review the tasks above or the result file at /var/log/leapp/leapp-report.txt."```

LGTM.