Retry sealert command on failure
We randomly see issues while running sealert in RDO puppet promotion pipeline, sealert fails with:- "SELinux is disabled or we can't open a policy file" As per logs selinux is enabled and selinuxfs is mounted so seems it's some filesystem issue. Locally was able to reproduce only with selinux disabled or umount /sys/fs/selinux. Adding retries in hope to fix these random failures. Change-Id: Icb07742d328827a41132cdd6a6c2bcfa3cde11ec
This commit is contained in:
parent
eaab90a97a
commit
425f454bdc
@ -234,7 +234,8 @@ function run_puppet() {
|
|||||||
|
|
||||||
function catch_selinux_alerts() {
|
function catch_selinux_alerts() {
|
||||||
if is_fedora; then
|
if is_fedora; then
|
||||||
$SUDO sealert -a /var/log/audit/audit.log
|
sealert_cmd="$SUDO sealert -a /var/log/audit/audit.log"
|
||||||
|
retry_cmd "$sealert_cmd"
|
||||||
if $SUDO grep -iq 'type=AVC' /var/log/audit/audit.log; then
|
if $SUDO grep -iq 'type=AVC' /var/log/audit/audit.log; then
|
||||||
echo "AVC detected in /var/log/audit/audit.log"
|
echo "AVC detected in /var/log/audit/audit.log"
|
||||||
source /etc/os-release
|
source /etc/os-release
|
||||||
|
Loading…
Reference in New Issue
Block a user