Red Hat Bugzilla – Bug 212750
audit2allow "--lastreload" option not honored
Last modified: 2007-11-30 17:11:46 EST
Description of problem:
After reloading policy, "audit2allow --lastreload --all" still shows the same
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Edit local policy
2. setenforce 0
3. make -f /usr/share/selinux/devel/Makefile
4. semodule -i local.pp
5. setenforce 1
6. audit2allow --lastreload --all
The same audits are shown after the policy is successfully reloaded
No audits occured after the policy reload, so none should be shown
In previous releases (e.g., FC5) the "-l or --lastreload" option worked
I can confirm this too after a "semodule -R" command.
It looks like the problem is that the audit package is not installed by default
in FC6. When I installed setroubleshoot, audit was pulled in as a requisite.
After the next policy reload, audit2allow operated as expected.
Fixed in policycoreutils-1.33.2-2.fc6