Red Hat Bugzilla – Bug 821630
RFE: Abrt selinux cases are not including sosreport
Last modified: 2013-07-10 07:35:40 EDT
Description of problem:
Attachment file that comes with selinux cases reported via abrt does not contain sosreport
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Report any selinux via abrt.
attachment contains file content.xml and there is no sosreport included
Sosreport should be included. /var/log/audit.log and ps -efZ will provide important information.
It should also provide
semanage login -l
semanage user -l
And did selinux cases ever contain the sosreport or is this a request to add it?
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.
This is request to add sosreport with selinux report.
Actually ABRT doesn't catch AVCs in RHEL and libreport just sends the data to bugzilla, so it's setroubleshoot who needs to run sosreport and pass the resulting file to libreport
Can we get at least this information?
# ps auxZ
# lsof -Z
# ls -lZ <target file>
The setroubleshoot report includes the source context of the process that created the AVC, and in most cases the target context of the object that is being denied.
Even if we accept that setroubleshoot alert includes very less information, Can we do post-processing after we get the report in libreport?
For all selinux cases, we need to ask output of these commands as first question.
This request was erroneously removed from consideration in Red Hat Enterprise Linux 6.4, which is currently under development. This request will be evaluated for inclusion in Red Hat Enterprise Linux 6.4.
These changes are quite big for this time in devel cycle -> moving to 6.6
Development Management has reviewed and declined this request.
You may appeal this decision by reopening this request.