sealert fails when selinuxfs is not mounted
Issue
-
sestatus
reporting SELinux is disabled, yet system was booted with it enabled# sestatus SELinux status: disabled
-
sealert -a /var/log/audit/audit.log
fails with following tracebackTraceback (most recent call last): File "/usr/bin/sealert", line 683, in <module> do_analyze_logfile(logfile) File "/usr/bin/sealert", line 527, in do_analyze_logfile scanner = ScanLogfile(logfile_path) File "/usr/bin/sealert", line 489, in __init__ from setroubleshoot.analyze import LogfileAnalyzer ValueError: You must specify the -p option with the path to the policy file.
-
semanage
fails with following# semanage fcontext --add --type=postfix_local_tmp_t /var/opt/bz1421160 SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version. SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory /sbin/load_policy: Can't load policy: No such file or directory libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory). SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version. SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory /sbin/load_policy: Can't load policy: No such file or directory libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory). OSError: No such file or directory
Environment
- Red Hat Enterprise (RHEL) 7.0-7.3
- util-linux up to 2.32.2-35
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.