Bug 477780
Summary: | RFE: AVC denial notifications configuration. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Gilboa Davara <gilboad> |
Component: | setroubleshoot | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 10 | CC: | dwalsh, jdennis, mgrepl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2008-12-23 17:43:50 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Gilboa Davara
2008-12-23 17:32:37 UTC
This functionality is already present. If this is the same AVC which keeps triggering it then all you need to do is check the "Quiet" checkbox in the browser, as long as that is checked you won't get any notifications for that alert. You can also edit /etc/setroubleshoot/setroubleshoot.cfg and modify the use_notification parameter. It's values are documented in the config file. You'll have restart sealert for it to take effect. Here is the doc for use_notification: Control balloon notification. Possible values: always,never,browser_hidden "always" will always display the notification. "never" disables notification completely. "browser_hidden" displays the notification but only if the alert browser is not visible. Note: individual alerts can be flagged as silent disabling notification for a specific alert, this parameter does not override that. OK. Thanks. Never the less, would it be possible the add some information about this cfg to the selart man page? (A normal 'man -k setroubleshoot' and/or google search about configuring selinux notification returns more-or-less nothing; same goes for 'man sealert'; in essence, you must be aware of setroubleshoot.cfg before-hand) Beyond that, I've set setroubleshoot.cfg's use_notification to browser_hidden and restarted the setroubleshoot service. Ran the script, first notification, started the browser... and the notification kept coming. Should I open a separated bug report? - Gilboa |