[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 [EMAIL PROTECTED] changed: What|Removed |Added Severity|normal |medium Priority|normal |medium Product|Fedora Core |Fedora -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEEDINFO_REPORTER |CLOSED Resolution||NEXTRELEASE CC||[EMAIL PROTECTED] --- Additional Comments From [EMAIL PROTECTED] 2006-07-22 08:16 EST --- Package is in rawhide now. closing -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 [EMAIL PROTECTED] changed: What|Removed |Added Status|ASSIGNED|NEEDINFO_REPORTER --- Additional Comments From [EMAIL PROTECTED] 2006-07-18 13:08 EST --- Please close this when the package is built into rawhide. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 [EMAIL PROTECTED] changed: What|Removed |Added Status|ASSIGNED|NEEDINFO Flag||needinfo? --- Additional Comments From [EMAIL PROTECTED] 2006-07-17 15:24 EST --- Bill, do we have an Ack? John, where should this go in comps? or should it be made a dep of selinux userland stuff? -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 [EMAIL PROTECTED] changed: What|Removed |Added Status|NEEDINFO|ASSIGNED Flag|needinfo? | --- Additional Comments From [EMAIL PROTECTED] 2006-07-17 15:43 EST --- Yeah. When I ran it it seemed somewhat overloaded with jargon, but that can be fixed. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-17 15:50 EST --- added to dist-fc6, jdennis is owner. Still not sure where to put it in Comps. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-15 16:10 EST --- Created an attachment (id=132498) -- (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=132498action=view) Cosmetic fix for setroubleshoot usage statement Trivial and cosmetic, but I'm just starting to learn Python. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-14 09:56 EST --- ping, is this in for FC6t2? I haven't heard anything explicit and the freeze date is approaching, just checking. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-06 15:36 EST --- I realize the package needs documentation but let me explain what Bill probably experienced. There are two basic modes the analyzer can run it, either running in the background waiting to be triggered by an real time AVC, or run against a log file which might contain AVC messages. In the former case, AVC real time event mode, the trigger is fired by auditd, it invokes the analyzer because /etc/auditd.conf has its dispatcher line set to /usr/sbin/avc_snap (BTW, that name is going to change), avc_snap talks to the troubleshooter daemon setroubleshootd. However, the rpm in its current form does not edit auditd.conf or manage the auditd service, all for a variety of good packaging practices. Thus you may not have seen anything if auditd was not running or it's dispatcher was not set to avc_snap. Steve Grubb and I are working on fixing this issue this week. The plan is to have auditd find plugin configuration files in /etc/audisp.d. When that functionality is present (expected next week) then setroubleshoot will install a configuration file there. (BTW, I did just notice the spec file was missing a requires for audit, that has been fixed). The second mode, log file scanning, can be done via % /usr/sbin/setroubleshoot filename Just be aware the version you have does not throttle multiple alerts and may fire off a bunch of them in succession, throttling code will be checked in tommorow. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-06 15:39 EST --- I spoke with Pete Graner today because we're trying to get this into RHEL5, but that has a dependency on this being in FC6t2 (as I understand it). FC6t2 freeze is 7/12, can we get this approved so that its in the pipeline? -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-06 15:41 EST --- OK, I installed auditd and started it, and still didn't get any pop-ups or similar; setroubleshoot /var/log/messages also gave no output. Does it only handle certain AVCs? -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-06 16:08 EST --- There are two pieces to the package, the framework, and a set of analysis plugins. It is the analysis plugin's job to recognise an AVC. So far most of the work has gone into the framework, not the set of plugins, and the current rpm only has two analysis plugins. The plugin's are meant to be simple to author, and on the TODO list is simplyfying them even further. I'm attaching a trival log file you can test with that has an AVC which would be generated by ftpd, one of the existing plugins. I suppose I should mention as well that we would like to distribute the plugin's separately and I'll probably tweak the spec file to make the plugin's a sub package. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-07-06 16:10 EST --- Created an attachment (id=132021) -- (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=132021action=view) trival log file with ftpd AVC message to use for testing -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-06-30 16:22 EST --- Hm, I can't seem to get it to do anything useful. The daemon starts, but that's about it. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 [EMAIL PROTECTED] changed: What|Removed |Added AssignedTo|[EMAIL PROTECTED] |[EMAIL PROTECTED] CC||[EMAIL PROTECTED] OtherBugsDependingO|188265 |188268 nThis|| --- Additional Comments From [EMAIL PROTECTED] 2006-06-28 16:41 EST --- SHOULDFIX: - There is no URL to upstream source, so it would be difficult to verify source checksum. Everything else is clean. This passes package review. Bill, care to ack/nack? John, if we bring this into core, how would it get installed on people's system? Would it go into a Comps group? Would it be a dep of something else? -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-06-26 17:35 EST --- Should the package own these: /var/log/setroubleshoot/ /var/log/setroubleshoot/setroubleshoot.log c.f.: sudo /sbin/service setroubleshoot start Starting setroubleshootd: Traceback (most recent call last): File /usr/sbin/setroubleshootd, line 20, in ? from setroubleshoot.config import cfg File /usr/lib/python2.4/site-packages/setroubleshoot/__init__.py, line 23, in ? LogInit() File /usr/lib/python2.4/site-packages/setroubleshoot/log.py, line 39, in LogInit filemode='a') File /usr/lib/python2.4/logging/__init__.py, line 1218, in basicConfig hdlr = FileHandler(filename, mode) File /usr/lib/python2.4/logging/__init__.py, line 757, in __init__ stream = open(filename, mode) IOError: [Errno 2] No such file or directory: '/var/log/setroubleshoot/setroubleshoot.log' [FAILED] -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
[Bug 196748] Review Request: setroubleshoot - automatic diagnosis of SELinux problems
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: setroubleshoot - automatic diagnosis of SELinux problems https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=196748 --- Additional Comments From [EMAIL PROTECTED] 2006-06-27 00:03 EST --- opps, you're right David the log directory was missing from the %files section, as was a logrotate script. I added both, new version is now setroubleshoot-0.3-1 in the same ftp area. Thank you. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is. ___ Fedora-package-review mailing list Fedora-package-review@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-review
