openstack/validations-common
Code Issues Proposed changes
validations-common/validations_common/playbooks/validate-selinux.yaml
Cédric Jeanneret fe2d98ed6e Correct the validate_selinux working_dir 
This change reflects what was previously done in tripleo-validations
with Ib125ca44f7e3d7fed1d19d2b1847b5bbe64226ed.

Apparently those changes merged a bit after the validation was moved,
meaning we're still pointing to the wrong location here.

Since validations-common is branchless, we don't need to backport
things, but a new tag will be needed in order to include this change
in downstream OSP-16.1.

Change-Id: Ib234917ca74ac3398af7603e4be1d9e2e126de41
Closes-Bug: #1892356
Resolves: rhbz#1876040
2020-10-27 07:26:40 +01:00

22 lines
699 B
YAML
Raw Blame History

---
- hosts: all
vars:
metadata:
name: validate-selinux
description: >-
Ensures we don't have any SELinux denials on the system
groups:
- pre-deployment
- post-deployment
- pre-upgrade
- post-upgrade
validate_selinux_working_dir: /tmp
validate_selinux_audit_source: /var/log/audit/audit.log
validate_selinux_skip_list_dest: "{{ validate_selinux_working_dir }}/denials-skip-list.txt"
validate_selinux_filtered_denials_dest: "{{ validate_selinux_working_dir }}/denials-filtered.log"
validate_selinux_strict: false
validate_selinux_filter: "None"
validate_selinux_skip_list: {}
roles:
- validate_selinux
View Git Blame Copy Permalink