utils: ignore auditd if it is not running

Missing log dir means that the daemon is not running, we can't really do anything about that since the daemon can not be started manually and it is likely that it is even missing.
next-actions · Jul 1, 2024 · e704ccc · e704ccc
1 parent e1f5016
commit e704ccc
Showing 1 changed file with 11 additions and 2 deletions.
diff --git a/pytest_mh/utils/auditd.py b/pytest_mh/utils/auditd.py
@@ -51,6 +51,7 @@ def __init__(
 
         self.artifacts: set[str] = {"/var/log/audit/audit.log"}
         self._backup: str | None = None
+        self._auditd_running: bool = False
 
     def setup(self) -> None:
         """
@@ -61,6 +62,11 @@ def setup(self) -> None:
         result = self.host.ssh.run(
             """
             set -e
+
+            if [ ! -d /var/log/audit ]; then
+                exit 0
+            fi
+
             tmp=`mktemp -d`
             cp -r --archive /var/log/audit "$tmp"
             truncate --size 0 /var/log/audit/audit.log*
@@ -69,7 +75,10 @@ def setup(self) -> None:
             log_level=SSHLog.Error,
         )
 
-        self._backup = result.stdout.strip()
+        tmp_path = result.stdout.strip()
+        if tmp_path:
+            self._auditd_running = True
+            self._backup = tmp_path
 
     def teardown(self) -> None:
         """
@@ -108,7 +117,7 @@ def pytest_report_teststatus(
         if report.when != "call":
             return None
 
-        if self.avc_mode == "ignore" or report.outcome == "skipped":
+        if not self._auditd_running or self.avc_mode == "ignore" or report.outcome == "skipped":
             return None
 
         self.logger.info("Checking for AVC denials")