Bug 782907 - sealert is dead
Summary: sealert is dead
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: setroubleshoot
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-01-18 20:20 UTC by Nicolas Mailhot
Modified: 2012-01-22 11:19 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-01-20 21:41:30 UTC
Type: ---

Attachments (Terms of Use)
system avcs (1.74 MB, text/plain)
2012-01-19 19:47 UTC, Nicolas Mailhot 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Nicolas Mailhot 2012-01-18 20:20:38 UTC 
Description of problem:

sealert does not log selinux alerts anymore even though multiples services (amavisd, bip, denyhosts, ddclient) are failing on boot if the system is not switched to permissive mode

I doubt anyone will run rawhide in enforcing mode anymore if there is no easy way to report policy problems

Version-Release number of selected component (if applicable):
setroubleshoot-server-3.0.47-1.fc17.x86_64
Comment 1 Miroslav Grepl 2012-01-19 09:52:41 UTC 
We see this also on F16. The problem is downgraded setroubleshoot does not work too.

Btw. What AVC msgs are you getting?
Comment 2 Miroslav Grepl 2012-01-19 12:57:05 UTC 
Could you try to downgrade python-slip-dbus?
Comment 3 Nicolas Mailhot 2012-01-19 19:20:56 UTC 
(In reply to comment #2)
> Could you try to downgrade python-slip-dbus?

I've tried all python-slip* versions from the latest rawhide one till
python-slip-0.2.17-1.fc16.noarch
python-slip-gtk-0.2.17-1.fc16.noarch
python-slip-dbus-0.2.17-1.fc16.noarch

(rebooting after each downgrade)

but sealert stays empty
Comment 4 Nicolas Mailhot 2012-01-19 19:47:30 UTC 
Created attachment 556380 [details]
system avcs

(In reply to comment #1)

> Btw. What AVC msgs are you getting?
Comment 5 Nicolas Mailhot 2012-01-20 17:30:43 UTC 
(In reply to comment #4)
> Created attachment 556380 [details]
> system avcs

BTW, I made the mistake of forcing an autorelabel after installing 
selinux-policy-targeted-3.10.0-76.fc17.noarch since its changelog semmed to indicate some of those were fixed

selinux blocked itself at the relabel stage (blocked changing of booleans and another file I don't remember)

so now I need to boot with selinux=0

Otherwise it will try to relabel, block itself, and make no progress
Comment 6 Daniel Walsh 2012-01-20 21:41:30 UTC 
Fixed in setroubleshoot-3.1.1-1.fc17
Comment 7 Nicolas Mailhot 2012-01-22 11:19:24 UTC 
(In reply to comment #5)
> (In reply to comment #4)
> > Created attachment 556380 [details]
> > system avcs
> 
> BTW, I made the mistake of forcing an autorelabel after installing 
> selinux-policy-targeted-3.10.0-76.fc17.noarch since its changelog semmed to
> indicate some of those were fixed
> 
> selinux blocked itself at the relabel stage (blocked changing of booleans and
> another file I don't remember)
> 
> so now I need to boot with selinux=0
> 
> Otherwise it will try to relabel, block itself, and make no progress

Got the relabel to work by booting with enforcing=0 and single mode. Though it was quite un-obvious
Note You need to log in before you can comment on or make changes to this bug.