sealert error

Nabeel Moidu nabeelmoidu at gmail.com
Wed Jan 4 11:31:46 UTC 2012


Hi

I'm trying to create an SELinux policy for an rpm software installation.
I've been getting sealerts in /var/log/messages but I am unable to view
them due to this error:

[root@nmk-centos-60-1 policy]# sealert -l 6a6e02bc-23a7-4e55-adab-b06d0cdc2832
Error
query_alerts error (1003): id (6a6e02bc-23a7-4e55-adab-b06d0cdc2832) not found

I believe this has to do with the setroubleshoot daemon not running.

[root@nmk-centos-60-1 policy]# service setroubleshoot status
setroubleshoot: unrecognized service
[root@nmk-centos-60-1 policy]# service --status-all | grep setro*

I have the setroubleshoot software installed:

[root@nmk-centos-60-1 policy]# rpm -qa | grep setroubles
92:setroubleshoot-server-3.0.38-2.1.el6.x86_64
425:setroubleshoot-plugins-3.0.16-1.el6.noarch
426:setroubleshoot-3.0.38-2.1.el6.x86_64
587:setroubleshoot-doc-3.0.38-2.1.el6.x86_64
[root@nmk-centos-60-1 policy]#

I don't see the setroubleshoot rpms creating any init script file in init.d
or elsewhere.

[root@nmk-centos-60-1 policy]# rpm -qa --list setroubleshoot-server  | grep -v ^/usr
1:/etc/audisp/plugins.d/sedispatch.conf
2:/etc/dbus-1/system.d/org.fedoraproject.SetroubleshootFixit.conf
3:/etc/dbus-1/system.d/org.fedoraproject.Setroubleshootd.conf
4:/etc/logrotate.d/setroubleshoot
5:/etc/setroubleshoot
6:/etc/setroubleshoot/setroubleshoot.conf
172:/var/lib/setroubleshoot
173:/var/lib/setroubleshoot/email_alert_recipients
174:/var/lib/setroubleshoot/setroubleshoot_database.xml
175:/var/log/setroubleshoot
176:/var/run/setroubleshoot

SELinux is running in permissive mode with mls type on my system.

[root@nmk-centos-60-1 policy]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   permissive
Mode from config file:          permissive
Policy version:                 24
Policy from config file:        mls

I am running CentOS 6.0.

[root@nmk-centos-60-1 policy]# cat /etc/issue
CentOS Linux release 6.0 (Final)
Kernel \r on an \m
[root@nmk-centos-60-1 policy]# uname -a
Linux nmk-centos-60-1 2.6.32-71.el6.x86_64 #1 SMP Fri May 20 03:51:51 BST 2011 x86_64 x86_64 x86_64 GNU/Linux
[root@nmk-centos-60-1 policy]#

1) Did I miss anything with regard to the troubleshooting daemon
installation?
2) How can I fix the query alert error and view the sealert output?

Nabeel