sealert fails when selinuxfs is not mounted

Solution Verified - Updated -

Issue

  • sestatus reporting SELinux is disabled, yet system was booted with it enabled

    # sestatus
SELinux status:                 disabled

  • sealert -a /var/log/audit/audit.log fails with following traceback

    Traceback (most recent call last):
  File "/usr/bin/sealert", line 683, in <module>
    do_analyze_logfile(logfile)
  File "/usr/bin/sealert", line 527, in do_analyze_logfile
    scanner = ScanLogfile(logfile_path)
  File "/usr/bin/sealert", line 489, in __init__
    from setroubleshoot.analyze import LogfileAnalyzer
ValueError: You must specify the -p option with the path to the policy file.

  • semanage fails with following

    # semanage fcontext --add --type=postfix_local_tmp_t /var/opt/bz1421160
SELinux:  Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.
SELinux:  Could not open policy file <= /etc/selinux/targeted/policy/policy.30:  No such file or directory
/sbin/load_policy:  Can't load policy:  No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).
SELinux:  Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.
SELinux:  Could not open policy file <= /etc/selinux/targeted/policy/policy.30:  No such file or directory
/sbin/load_policy:  Can't load policy:  No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).
OSError: No such file or directory

Environment

  • Red Hat Enterprise (RHEL) 7.0-7.3
  • util-linux up to 2.32.2-35

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content