Bug 627668

Summary: sealert does not allow to turn off ignores in GUI
Product: Red Hat Enterprise Linux 6 Reporter: Eduard Benes <ebenes>
Component: setroubleshootAssignee: Daniel Walsh <dwalsh>
Status: CLOSED ERRATA QA Contact: Karel Srot <ksrot>
Severity: medium Docs Contact:
Priority: medium    
Version: 6.0CC: ksrot, mmalik, syeghiay
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: setroubleshoot-3.0.31-1.el6 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 558719 Environment:
Last Closed: 2011-12-06 09:48:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 512576, 558719    
Bug Blocks:    

Comment 1 Daniel Walsh 2010-11-22 21:27:44 UTC 
I would prefer to push off setroubleshoot to see how well the redesign in Fedora 15 goes, and then update to that package in 6.2.
Comment 3 Daniel Walsh 2011-05-23 18:51:13 UTC 
Fixed in setroubleshoot-3.0.31-1.el6
Comment 5 Eduard Benes 2011-06-27 09:04:58 UTC 
Clearing qa_ack, setroubleshoot has been removed from 6.2 approved list.
Comment 9 Karel Srot 2011-10-19 09:39:47 UTC 
AVC Ingore doesn't seem to work in setroubleshoot-3.0.38-2.1.el6.x86_64

I have executed
# sandbox touch /etc/genavc.log
/bin/touch: cannot touch `/etc/genavc.log': Permission denied
and opened the sealert browser. I have chosen Ignore for this particular AVC but after another "sandbox touch /etc/genavc.log" I had been notified again.
Comment 11 Daniel Walsh 2011-10-19 14:21:56 UTC 
Sandbox is generating a different signature each time it is run, so setroubleshoot is not matching the signatures.  (Different MCS Label).  If you want to test this out, a better solution would be

touch /var/www/html/index.html
chcon -t user_home_t /var/www/html/index.html
service httpd start
wget localhost 

This should generate an AVC about httpd_ reading user_home_t.  Tell setroubleshoot to ignore.

wget localhost

You should not get another AVC about httpd_t and user_home_t.
Comment 15 errata-xmlrpc 2011-12-06 09:48:48 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2011-1509.html