On Wed, Apr 21, 2010 at 01:34:16AM -0500, Robert Nichols wrote:
What, in the hopelessly complex chain of process startups, is
supposed to start
setroubleshootd? I find it is either not getting started or silently dieing on
Currently DBUS
my Fedora 12 system. I find I've been getting a bunch of AVCs
logged, with no
alert of course, and no way to get those AVCs translated with human-readable
timestamps so that I have the slightest chance of correlating those with
ausearch -m avc -ts recent --interpret
anything else going on in the system. ("sealert -a
/var/log/audit/audit.log" just dies with "NameError: global name
'avc' is not defined".)
The manpage for sealert mentions a GUI browser. That must have been in
somebody's wet dream, because there is no such thing. Regardless of how
sealert is started, the GUI menu discussed in the manpage does not exist.
Again, SElinux turns out to be a bigger pain than anything it is supposedly
protecting against.
Please do not generalize, just because SETroubleshoot is not exactly a miracle that does
not mean the rest of SELinux is a pain as well.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
# sealert -a /var/log/audit/audit.log
11% doneTraceback (most recent call last):
File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line
635, in task
self.new_audit_record_handler(record_type, event_id, body_text, fields, line_number)
File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line
661, in new_audit_record_handler
self.avc_event_handler(audit_event)
File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line
647, in avc_event_handler
avc = AVC(audit_event)
File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line
586, in __init__
self.derive_avc_info_from_audit_event()
File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line
884, in derive_avc_info_from_audit_event
raise ValueError("Invalid AVC %s, it is allowed in current policy" % avc)
NameError: global name 'avc' is not defined
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux