Description of problem: After reloading policy, "audit2allow --lastreload --all" still shows the same audits. Version-Release number of selected component (if applicable): policycoreutils-1.30.30-1 How reproducible: Always Steps to Reproduce: 1. Edit local policy 2. setenforce 0 3. make -f /usr/share/selinux/devel/Makefile 4. semodule -i local.pp 5. setenforce 1 6. audit2allow --lastreload --all Actual results: The same audits are shown after the policy is successfully reloaded Expected results: No audits occured after the policy reload, so none should be shown Additional info: In previous releases (e.g., FC5) the "-l or --lastreload" option worked
I can confirm this too after a "semodule -R" command.
It looks like the problem is that the audit package is not installed by default in FC6. When I installed setroubleshoot, audit was pulled in as a requisite. After the next policy reload, audit2allow operated as expected.
Fixed in policycoreutils-1.33.2-2.fc6