Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a test for diffing boot errors #194

Open
comps opened this issue May 16, 2024 · 1 comment
Open

Add a test for diffing boot errors #194

comps opened this issue May 16, 2024 · 1 comment

Comments

@comps
Copy link
Contributor

comps commented May 16, 2024

When we harden the OS via content, some services may either not work, or have degraded functionality. This may be tracked by looking at their journal logs before vs after hardening, ideally on boot (as they start up).

Diffing all of the output would probably generate too much noise, but we can check for some common words like

obsolete
deprecated
notice[^a-zA-Z]
error
warning
critical
denied
unknown
no such file
not found
no [^ ]+ found
fail[^a-zA-Z]
failed
failure
fatal
invalid
unable
does not
could not
problem
unexpected
traceback
please
insecure
for more
cannot
can't
[^a-zA-Z]bug([^a-zA-Z]|$)

and compare findings with these words before hardening vs after hardening, and fail on any difference.
@comps
Copy link
Contributor Author

comps commented May 29, 2024

The test (or a similar one) should also diff lists of failed services - if there are any new failing services that were starting up fine before hardening, that's a fail.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@comps