On Tue, Mar 11, 2008 at 08:58:11PM -0400, Daniel J Walsh wrote:
> Arthur Dent wrote:
>> On Mon, Mar 10, 2008 at 09:27:04AM -0400, Daniel J Walsh wrote:
>>> setroubleshoot can be setup on a headless box to send email. And there
>>> is an interface (named pipe) to audit system where you can receive AVC
>>> messages as they happen. Just look at the setroubleshoot code since it
>>> is using this.
>> Ooooo. That sounds interesting. I'm all for not re-inventing the wheel.
Thing
>> is, I looked at man sealert and I couldn't see how to do this. I am not much
>> of a hacker, so looking at the code would probably not help me too much.
>>
>> Is there a configuration setting I can set somewhere?
>>
>> Thanks
>>
>> Mark
>>
>> fedora-selinux-list mailing list
>> fedora-selinux-list(a)redhat.com
>>
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> vi /etc/setroubleshoot/setroubleshoot.cfg
>
> And search for email.
Hi,
Apologies for slow response. Thanks ever so much for this. Just what I
was looking for!
Just one small thing...
When I tried this, editing /etc/setroubleshoot/setroubleshoot.cfg
and creating a file /var/lib/setroubleshoot/email_alert_recipients it
didn't work. I looked at this wiki entry
http://fedoraproject.org/wiki/Docs/Drafts/SELinux/SETroubleShoot/UserFAQ#...
and it said essentially exactly the same thing. It also said that that I
could use the sealert GUI to set the mailing settings, so I SSH'd into
my serving using a forwarded X server and tried that. It worked!
The strange thing is that the wiki says that the GUI method simply
modifies the same file (which makes sense), but I used a different email
address and the old email address (which doesn't work) is still in that file with no
sign of
the new one (which works!).
Ho hum... I suppose I goofed somewhere along the line. I'll look into it
with a little more care when I get the chance. In the meantime, the
important thing is it works!
Thanks again, your help is greatly appreciated.
Mark
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org
iEYEARECAAYFAkfegDMACgkQrlYvE4MpobP3aQCeJSywvkeDfiFOZ+8xR4LF90sc
dtEAoMiuOasaxk/e1oIQNa5yELlhU6Ja
=jShQ
-----END PGP SIGNATURE-----