On 04/21/2010 04:22 AM, Dominick Grift wrote:
> On Wed, Apr 21, 2010 at 01:34:16AM -0500, Robert Nichols wrote:
>> What, in the hopelessly complex chain of process startups, is supposed to start
>> setroubleshootd? I find it is either not getting started or silently dieing on
>
> Currently DBUS
>
>> my Fedora 12 system. I find I've been getting a bunch of AVCs logged, with no
>> alert of course, and no way to get those AVCs translated with human-readable
>> timestamps so that I have the slightest chance of correlating those with
>
> ausearch -m avc -ts recent --interpret
>
>> anything else going on in the system. ("sealert -a
>> /var/log/audit/audit.log" just dies with "NameError: global name
>> 'avc' is not defined".)
>>
>> The manpage for sealert mentions a GUI browser. That must have been in
>> somebody's wet dream, because there is no such thing. Regardless of how
>> sealert is started, the GUI menu discussed in the manpage does not exist.
>>
>> Again, SElinux turns out to be a bigger pain than anything it is supposedly
>> protecting against.
>
> Please do not generalize, just because SETroubleshoot is not exactly a miracle that does not mean the rest of SELinux is a pain as well.
When the analysis and reporting tools are not working, the entire glorious
package becomes just another broken down luxury car blocking the center
lane of the expressway and needing to be hauled away.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux
