validations-common/validations_common/playbooks/validate-selinux.yaml
Gael Chamoulaud (Strider) e68c7f36d6 Add new metadata keys to the validation playbooks
This patch adds two new metadata keys to the validation playbooks:
- categories: A list of technical tags
- products: A list of targeted products (here mainly common)

This patch is also part of the Validation Metadata Evolution for the
Validations Framework.

Change-Id: Ie6b3a42a09292eadd4233b180132140052d89f09
Signed-off-by: Gael Chamoulaud (Strider) <gchamoul@redhat.com>
2021-09-30 10:04:55 +00:00

30 lines
854 B
YAML

---
- hosts: all
gather_facts: false
vars:
metadata:
name: validate-selinux
description: >-
Ensures we don't have any SELinux denials on the system
groups:
- backup-and-restore
- pre-deployment
- post-deployment
- pre-upgrade
- post-upgrade
categories:
- security
- selinux
- audit
products:
- common
validate_selinux_working_dir: /tmp
validate_selinux_audit_source: /var/log/audit/audit.log
validate_selinux_skip_list_dest: "{{ validate_selinux_working_dir }}/denials-skip-list.txt"
validate_selinux_filtered_denials_dest: "{{ validate_selinux_working_dir }}/denials-filtered.log"
validate_selinux_strict: false
validate_selinux_filter: "None"
validate_selinux_skip_list: {}
roles:
- validate_selinux