RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1539813 - the output of sealert -a ... is localized partially
Summary: the output of sealert -a ... is localized partially
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: setroubleshoot
Version: 7.5
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: Vit Mojzis
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-01-29 16:33 UTC by Dalibor Pospíšil
Modified: 2021-05-12 07:02 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-02-27 14:08:31 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1332126 0 medium CLOSED the output of sealert -l ... is localized partially 2021-02-22 00:41:40 UTC

Internal Links: 1332126

Description Dalibor Pospíšil 2018-01-29 16:33:37 UTC 
For languages, like DE, there are some string translated and some not. We are not supposed to have 100% translation for these languages but currently the mixture makes it very weird.

It would be good to have it either fully translated or fully not translated. The current state where every other sentence is translated feels inappropriate or even dilettante. Also there are missing spaces after 'dann'

# rpm -q setroubleshoot
setroubleshoot-3.2.29-3.el7.x86_64
# LANG=de_DE.utf8 LC_ALL=de_DE.utf8 sealert -a tmp                                                                                                                                                                 
100% done
found 1 alerts in tmp
--------------------------------------------------------------------------------

SELinux hindert httpd daran, mit getattr-Zugriff auf Datei /var/www/html/test zuzugreifen.

*****  Plugin restorecon (99.5 Wahrscheinlichkeit) schlägt vor    ************

If you want to fix the label. 
/var/www/html/test default label should be httpd_sys_content_t.
Dannyou can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a parent directory in which case try to change the following command accordingly.
Ausführen
# /sbin/restorecon -v /var/www/html/test

*****  Plugin catchall (1.49 Wahrscheinlichkeit) schlägt vor    **************

If you believe that httpd should be allowed getattr access on the test file by default.
Dannsie sollten dies als Fehler melden.
Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen.
Ausführen
allow this access for now by executing:
# ausearch -c 'httpd' --raw | audit2allow -M my-httpd
# semodule -i my-httpd.pp


zusätzliche Information:
Quellkontext                  system_u:system_r:httpd_t:s0
Zielkontext                   unconfined_u:object_r:admin_home_t:s0
Zielobjekte                   /var/www/html/test [ file ]
Quelle                        httpd
Quellpfad                     httpd
Port                          <Unknown>
Host                          <Unknown>
RPM-Pakete der Quelle         
RPM-Pakete des Ziels          
Richtlinien-RPM               selinux-policy-3.13.1-186.el7.noarch
SELinux aktiviert             True
Richtlinientyp                targeted
Enforcing-Modus               Enforcing
Rechnername                   sopos-rhel7-brq.usersys.redhat.com
Plattform                     Linux sopos-rhel7-brq.usersys.redhat.com
                              3.10.0-693.el7.x86_64 #1 SMP Thu Jul 6 19:56:57
                              EDT 2017 x86_64 x86_64
Anzahl der Alarme             1
Zuerst gesehen                2014-11-21 08:23:09 CET
Zuletzt gesehen               2014-11-21 08:23:09 CET
Lokale ID                     07634a10-11ab-4f6a-851c-b509854a6ead

Raw-Audit-Meldungen
type=AVC msg=audit(1416554589.695:13787): avc:  denied  { getattr } for  pid=26259 comm="httpd" path="/var/www/html/test" dev="dm-0" ino=1160138 scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:admin_home_t:s0 tclass=
file


Hash: httpd,httpd_t,admin_home_t,file,getattr
Comment 3 Zdenek Pytela 2019-02-27 14:08:31 UTC 
This issue was not selected to be included in Red Hat Enterprise Linux 7.7 because it is seen either as low or moderate impact to a small number of use-cases. The next release will be in Maintenance Support 1 Phase, which means that qualified Critical and Important Security errata advisories (RHSAs) and Urgent Priority Bug Fix errata advisories (RHBAs) may be released as they become available.

We will now close this issue, but if you believe that it qualifies for the Maintenance Support 1 Phase, please re-open; otherwise, we recommend moving the request to Red Hat Enterprise Linux 8 if applicable.
Note You need to log in before you can comment on or make changes to this bug.