Ed Swierk wrote:
On 1/4/08, John Dennis <jdennis@xxxxxxxxxx> wrote:
Re SELinux usability issues:
We wrote the setroubleshoot package precisely to help SELinux novice
users so they wouldn't suffer with hidden obscure failures of the type
which have frustrated you. If it had been installed you would have
received notifications in real time on your desktop describing the
failure and suggestions on how to fix it.
The machine in question is a server with no graphical applications; is
there a command-line version of setroubleshoot?
Yes, setroubleshoot-server.
You have two options for receiving the alerts from the headless server.
You can either run the gui on a machine with a head and point it at the
headless server (requires modifying the config file to use TCP rather
than the default Unix domain sockets).
On the headless server edit /etc/setroubleshoot/setroubleshoot.cfg and
in the listen_for_client section set the address_list parameter to
{inet}server.ip.addr. Then on the GUI system do the same thing except
set the address_list in the client_connect_to section.
-OR-
You can choose to have the headless server send you emails with the
alert by editing the file
/var/lib/setroubleshoot/email_alert_recipients
and adding a line like this:
user@xxxxxxxxxxx filter_type=after_first
The filter_type specifies whether to filter the email alert, the 3
possible values are:
after_first filter the email after the first notification
always always filter, thus never send an email alert
never never filter, thus always send an email alert
--
John Dennis <jdennis@xxxxxxxxxx>
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
