setroubleshootd not running

Dominick Grift domg472 at gmail.com
Wed Apr 21 15:23:53 UTC 2010 

On Wed, Apr 21, 2010 at 09:48:26AM -0500, Robert Nichols wrote:
> On 04/21/2010 04:22 AM, Dominick Grift wrote:
> > On Wed, Apr 21, 2010 at 01:34:16AM -0500, Robert Nichols wrote:
> >> What, in the hopelessly complex chain of process startups, is supposed to start
> >> setroubleshootd?  I find it is either not getting started or silently dieing on
> >
> > Currently DBUS
> >
> >> my Fedora 12 system.  I find I've been getting a bunch of AVCs logged, with no
> >> alert of course, and no way to get those AVCs translated with human-readable
> >> timestamps so that I have the slightest chance of correlating those with
> >
> > ausearch -m avc -ts recent --interpret
> >
> >> anything else going on in the system.  ("sealert -a
> >> /var/log/audit/audit.log" just dies with "NameError: global name
> >> 'avc' is not defined".)
> >>
> >> The manpage for sealert mentions a GUI browser.  That must have been in
> >> somebody's wet dream, because there is no such thing.  Regardless of how
> >> sealert is started, the GUI menu discussed in the manpage does not exist.
> >>
> >> Again, SElinux turns out to be a bigger pain than anything it is supposedly
> >> protecting against.
> >
> > Please do not generalize, just because SETroubleshoot is not exactly a miracle that does not mean the rest of SELinux is a pain as well.
> 
> When the analysis and reporting tools are not working, the entire glorious
> package becomes just another broken down luxury car blocking the center
> lane of the expressway and needing to be hauled away.

Now youre comparing it to cars?
You do not need setroubleshoot in the first place. You could simple uninstall it and use other analysis and reporting tools like aureport, audit2allow etc.

> 
> -- 
> Bob Nichols     "NOSPAM" is really part of my email address.
>                  Do NOT delete it.
> 
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20100421/b24d12e2/attachment.bin

More information about the selinux mailing list