Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disables OSSEC email for fwupd #5882

Merged
merged 2 commits into from
Apr 7, 2021
Merged

Disables OSSEC email for fwupd #5882

merged 2 commits into from
Apr 7, 2021

Conversation

kushaldas
Copy link
Contributor

@kushaldas kushaldas commented Mar 29, 2021
edited by emkll
Loading

Status

Ready for review

Description of Changes

Fixes #5835

Adds a new rules group and also the related decoder.

Changes proposed in this pull request:

Testing

Deployment

Any special considerations for deployment? Consider both:

  1. Upgrading existing production instances.
  2. New installs.

Checklist

If you made changes to the server application code:

  • Linting (make lint) and tests (make test) pass in the development container

If you made changes to securedrop-admin:

  • Linting and tests (make -C admin test) pass in the admin development container

If you made changes to the system configuration:

If you added or removed a file deployed with the application:

  • I have updated AppArmor rules to include the change

If you made non-trivial code changes:

  • I have written a test plan and validated it for this PR

Choose one of the following:

  • I have opened a PR in the docs repo for these changes, or will do so later
  • I would appreciate help with the documentation
  • These changes do not require documentation

If you added or updated a code dependency:

Choose one of the following:

  • I have performed a diff review and pasted the contents to the packaging wiki
  • I would like someone else to do the diff review

@eloquence eloquence changed the title Fixes #5835 disables ossec mails for fwupd Disables OSSEC email for fwupd Mar 29, 2021
@eloquence eloquence added this to the 1.8.1 milestone Mar 29, 2021
@kushaldas kushaldas requested a review from a team as a code owner April 6, 2021 20:48
emkll
emkll approved these changes Apr 6, 2021
View reviewed changes
Copy link
Contributor

@emkll emkll left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Installed the securedrop-ossec-server package on a prod install, can confirm I no longer see the alert. I've appended a commit to add a testinfra test for these new rules in 19ade45 , and rebased on latest develop. Good to merge when CI passes.

@kushaldas kushaldas merged commit b8795a2 into develop Apr 7, 2021
@kushaldas kushaldas deleted the 5835_fix_ossec_fwupd branch April 7, 2021 07:03
@eloquence eloquence mentioned this pull request Sep 21, 2021
Closed
@cfm cfm mentioned this pull request Sep 23, 2021
Merged
3 tasks
@eloquence eloquence mentioned this pull request Dec 21, 2021
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@emkll emkll emkll approved these changes

@conorsch conorsch Awaiting requested review from conorsch

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.8.1
Development

Successfully merging this pull request may close these issues.

fwupd error in syslog, ossec alert for Focal
3 participants
@kushaldas @emkll @eloquence