Bug 212750 - audit2allow "--lastreload" option not honored
audit2allow "--lastreload" option not honored
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: policycoreutils (Show other bugs)
6
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-10-28 14:08 EDT by Mace Moneta
Modified: 2007-11-30 17:11 EST (History)
3 users (show)

See Also:
Fixed In Version: policycoreutils-1.33.2-2.fc6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-06-09 01:11:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mace Moneta 2006-10-28 14:08:29 EDT
Description of problem:

After reloading policy, "audit2allow --lastreload --all" still shows the same
audits.


Version-Release number of selected component (if applicable):

policycoreutils-1.30.30-1

How reproducible:

Always


Steps to Reproduce:

1. Edit local policy
2. setenforce 0
3. make -f /usr/share/selinux/devel/Makefile
4. semodule -i local.pp
5. setenforce 1
6. audit2allow --lastreload --all


Actual results:

The same audits are shown after the policy is successfully reloaded

Expected results:

No audits occured after the policy reload, so none should be shown


Additional info:

In previous releases (e.g., FC5) the "-l or --lastreload" option worked
Comment 1 Jan ONDREJ 2006-10-30 00:49:52 EST
I can confirm this too after a "semodule -R" command.
Comment 2 Mace Moneta 2006-11-04 13:31:55 EST
It looks like the problem is that the audit package is not installed by default
in FC6.  When I installed setroubleshoot, audit was pulled in as a requisite. 
After the next policy reload, audit2allow operated as expected.
Comment 3 Daniel Walsh 2006-11-28 09:58:23 EST
Fixed in policycoreutils-1.33.2-2.fc6

Note You need to log in before you can comment on or make changes to this bug.