RHBA-2013:0387 - Bug Fix Advisory

Topic

Updated setroubleshoot packages that fix several bugs are now available for Red
Hat Enterprise Linux 6.

Description

This package provides a set of analysis plugins for use with setroubleshoot.
Each plugin has the capacity to analyze SELinux AVC (Access Vector Cache) data
and system data to provide user friendly reports describing how to interpret
SELinux AVC denial messages.

This update fixes the following bugs:

• Prior to this update, the "sealert -a /var/log/audit/audit.log -H"

command did not work correctly. When opening the audit.log file, the
sealert utility returned an error when the "-H" option was used. The
relevant source code has been modified and the "-H" sealert option is no
longer recognized as a valid option. (BZ#788196)

• Previously, SELinux Alert Browser did not display alerts even if SELinux

denial messages were present. This was caused by the sedispatch utility, which
did not handle audit messages correctly, and users were not able to fix their
SELinux issues according to the SELinux alerts. Now, SELinux Alert Browser
properly alerts the user in the described scenario. (BZ#832143)

• Under certain circumstances, sealert produced the " 'tuple' object has no

attribute 'split' " error message. A patch has been provided to fix this bug. As
a result, sealert no longer returns this error message. (BZ#842445)

• The sealert utility returned parse error messages if an alert description

contained parentheses. With this update, sealert has been fixed and now, the
error messages are no longer returned in the described scenario. (BZ#851824)

• Previously, improper documentation content was present in files located in the

/usr/share/doc/setroubleshoot/ directory. This update removes certain unneeded
files and fixes content of others. (BZ#864429)

Users of setroubleshoot are advised to upgrade to these updated packages, which
fix these bugs.

Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Affected Products

• Red Hat Enterprise Linux Server 6 x86_64
• Red Hat Enterprise Linux Server 6 i386
• Red Hat Enterprise Linux Workstation 6 x86_64
• Red Hat Enterprise Linux Workstation 6 i386
• Red Hat Enterprise Linux Desktop 6 i386
• Red Hat Enterprise Linux for IBM z Systems 6 s390x
• Red Hat Enterprise Linux for Power, big endian 6 ppc64
• Red Hat Enterprise Linux Server from RHUI 6 x86_64
• Red Hat Enterprise Linux Server from RHUI 6 i386
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
• Red Hat Enterprise Linux Desktop 6 x86_64
• Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

• BZ - 788196 - "sealert" returns error when "-H" option is used
• BZ - 851824 - sealert parse errors when description contains parenthesis
• BZ - 864429 - improper content of docfiles in /usr/share/setroubleshoot

CVEs

(none)

References

(none)