Skip to content
This repository has been archived by the owner on Feb 7, 2023. It is now read-only.

print out matching files/directories when doing SELinux label checks #260

Closed
miabbott opened this issue Oct 2, 2017 · 0 comments
Closed

print out matching files/directories when doing SELinux label checks #260

miabbott opened this issue Oct 2, 2017 · 0 comments
Labels
enhancement jira

Comments

@miabbott
Copy link
Collaborator

miabbott commented Oct 2, 2017

In the selinux_verify role, we just output:

The file /var had an SELinux label of 'unlabeled_t'

But we should be able to print out any and all files/subdirs that match by just saving off the stdout and printing it in the fail: statement

See also #239 and #253
miabbott added a commit to miabbott/atomic-host-tests that referenced this issue Oct 27, 2017
@miabbott
selinux_verify: log any files/procs with incorrect SELinux labels
190a658 
Previously, the `selinux_verify` role would fail with a generic
message about finding a file or process that had an incorrect SELinux
label.  This caused additional work for anyone doing triage of the
tests and made folks unhappy.

This change alters how the role reports any instances of incorrect
SELinux labels.  The files/directories/processes are saved into a list
which can then be read out later as part of a failure message.

This should result in last failure message to include the relevant
details of the files/processes and negate the need to dig through the
logs further during triage.

Closes projectatomic#260
@miabbott miabbott mentioned this issue Oct 27, 2017
Merged
miabbott added a commit to miabbott/atomic-host-tests that referenced this issue Oct 31, 2017
@miabbott
selinux_verify: log any files/procs with incorrect SELinux labels
3a0b14b 
Previously, the `selinux_verify` role would fail with a generic
message about finding a file or process that had an incorrect SELinux
label.  This caused additional work for anyone doing triage of the
tests and made folks unhappy.

This change alters how the role reports any instances of incorrect
SELinux labels.  The files/directories/processes are saved into a list
which can then be read out later as part of a failure message.

This should result in last failure message to include the relevant
details of the files/processes and negate the need to dig through the
logs further during triage.

Closes projectatomic#260
mike-nguyen pushed a commit that referenced this issue Nov 1, 2017
@mike-nguyen
selinux_verify: log any files/procs with incorrect SELinux labels (#270)
e947455 
* selinux_verify: log any files/procs with incorrect SELinux labels

Previously, the `selinux_verify` role would fail with a generic
message about finding a file or process that had an incorrect SELinux
label.  This caused additional work for anyone doing triage of the
tests and made folks unhappy.

This change alters how the role reports any instances of incorrect
SELinux labels.  The files/directories/processes are saved into a list
which can then be read out later as part of a failure message.

This should result in last failure message to include the relevant
details of the files/processes and negate the need to dig through the
logs further during triage.

Closes #260

* fixup! selinux_verify: log any files/procs with incorrect SELinux labels
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
enhancement jira
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@miabbott