What, in the hopelessly complex chain of process startups, is supposed to start
setroubleshootd? I find it is either not getting started or silently dieing on
my Fedora 12 system. I find I've been getting a bunch of AVCs logged, with no
alert of course, and no way to get those AVCs translated with human-readable
timestamps so that I have the slightest chance of correlating those with
anything else going on in the system. ("sealert -a /var/log/audit/audit.log"
just dies with "NameError: global name 'avc' is not defined".)
The manpage for sealert mentions a GUI browser. That must have been in
somebody's wet dream, because there is no such thing. Regardless of how
sealert is started, the GUI menu discussed in the manpage does not exist.
Again, SElinux turns out to be a bigger pain than anything it is supposedly
protecting against.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
# sealert -a /var/log/audit/audit.log
11% doneTraceback (most recent call last):
File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 635, in task
self.new_audit_record_handler(record_type, event_id, body_text, fields, line_number)
File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 661, in new_audit_record_handler
self.avc_event_handler(audit_event)
File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 647, in avc_event_handler
avc = AVC(audit_event)
File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line 586, in __init__
self.derive_avc_info_from_audit_event()
File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line 884, in derive_avc_info_from_audit_event
raise ValueError("Invalid AVC %s, it is allowed in current policy" % avc)
NameError: global name 'avc' is not defined
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
