On Wed, Apr 21, 2010 at 01:34:16AM -0500, Robert Nichols wrote:
What, in the hopelessly complex chain of process startups, is supposed to start setroubleshootd? I find it is either not getting started or silently dieing on
Currently DBUS
my Fedora 12 system. I find I've been getting a bunch of AVCs logged, with no alert of course, and no way to get those AVCs translated with human-readable timestamps so that I have the slightest chance of correlating those with
ausearch -m avc -ts recent --interpret
anything else going on in the system. ("sealert -a /var/log/audit/audit.log" just dies with "NameError: global name 'avc' is not defined".)
The manpage for sealert mentions a GUI browser. That must have been in somebody's wet dream, because there is no such thing. Regardless of how sealert is started, the GUI menu discussed in the manpage does not exist.
Again, SElinux turns out to be a bigger pain than anything it is supposedly protecting against.
Please do not generalize, just because SETroubleshoot is not exactly a miracle that does not mean the rest of SELinux is a pain as well.
-- Bob Nichols "NOSPAM" is really part of my email address. Do NOT delete it.
# sealert -a /var/log/audit/audit.log 11% doneTraceback (most recent call last): File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 635, in task self.new_audit_record_handler(record_type, event_id, body_text, fields, line_number) File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 661, in new_audit_record_handler self.avc_event_handler(audit_event) File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 647, in avc_event_handler avc = AVC(audit_event) File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line 586, in __init__ self.derive_avc_info_from_audit_event() File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line 884, in derive_avc_info_from_audit_event raise ValueError("Invalid AVC %s, it is allowed in current policy" % avc) NameError: global name 'avc' is not defined
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux