Menu Close

Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

4.292. setroubleshoot

Updated setroubleshoot packages that fix several bugs are now available for Red Hat Enterprise Linux 6.
The setroubleshoot packages provide tools to help diagnose SELinux problems. When Access Vector Cache (AVC) messages are generated, an alert can be displayed that provides information about the problem and helps track its resolution. Alerts are user-configurable. The same tools can be run on existing log files.

Bug Fixes

Prior to this update, sealert exited with an exit status of 0, indicating success, even though it failed to start. With this update, sealert returns a correct, non-zero exit status when it fails to start.
Prior to this update, the setroubleshootd man page described an option that was not supported by the setroubleshootd service. This update corrects the man page content by removing the unsupported option.
Previously, the combination of the -a/--analyze option with another option (for example, sealert -a ./test-audit.log -b caused sealert to not work properly. This bug has been fixed and sealert alerts the user that the -a/--analyze option can not be used with another option.
Prior to this update, marking an AVC message as ignored using the Ignore button in the SETroubleshoot GUI and, consequently, reproducing that same AVC message, would not ignore that message. With this update, the underlying source code has been modified to address this issue, and ignored AVC messages no longer appear in the SETroubleshoot GUI.
When SELinux produced an alert, clicking on show to view the alert brought up the sealert browser but showed no alerts. An error message was also logged in /var/log/messages. This was because the /var/lib/setroubleshoot/setroubleshoot_database.xml database contained localized content which could not be parsed. With this update, the aforementioned database no longer contains localized content, and the sealert browser correctly shows all alerts.
Prior to this update, the sealert -s or sealert -S commands failed with a segmentation fault when LANG was set to Japanese (LANG=ja-JP). With this update, the underlying source code has been modified to address this issue, and the sealert command no longer fails on localized file analyses.
Disabling IPv6 could cause AVC messages flooding regarding different confined domains asking the kernel to load the net-pf-10 kernel module. The appropriate setroubleshoot plugin was updated to not display these messages when IPv6 is blacklisted. It is recommended that users disable IPv6 using the /etc/sysctl.conf file. In such a case, AVC messages do not appear at all.
Installing the setroubleshoot* packages did not require the pygtk2-libglade, even though sealert and setroubleshoot require this package, which caused an "ImportError" exception when running the aforementioned applications. This update fixes the setroubleshoot spec file and adds the pygtk2-libglade dependency.
BZ#692915, BZ#721347
Previously, the setroubleshoot-server package installed the X related packages as a dependency. This update removes this dependency.
Prior to this update, setroubleshoot used the report library to send problem reports to Bugzilla. To unify configuration for bug reporting, a new library (libreport) was created, which unifies problem reporting in all applications. With this update, setroubleshoot uses the new libreport library for problem reporting.
This update replaces the setroubleshoot's dependency on report-gtk with libreport-gtk.
Selecting and copying a string of text in the SEAlert GUI resulted in the full description being copied into the clipboard, rather than just the selected string. With this update, as expected, only the selected string is copied into the clipboard.
Previously, an incorrect version of the setroubleshoot-plugins package was required by a the new setroubleshoot package which was released with this update.
The setroubleshoot package has been upgraded to upstream version 3.0.38-2.1, which provides a number of bug fixes and enhancements over the previous version.
The setroubleshoot-plugins package has been upgraded to upstream version 3.0.16-1, which provides a number of bug fixes and enhancements over the previous version.
All users of setroubleshoot should upgrade to these updated packages, which fix these bugs.