[CentOS] SELinux and SETroubleshootd woes in CR

Mon Nov 7 21:29:44 UTC 2011
Trey Dockendorf <treydock at gmail.com>

On Mon, Nov 7, 2011 at 3:02 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 11/07/2011 03:23 PM, Trey Dockendorf wrote:
> >
> >
> > On Wed, Nov 2, 2011 at 8:54 AM, Daniel J Walsh <dwalsh at redhat.com
> > <mailto:dwalsh at redhat.com>> wrote:
> >
> > On 11/01/2011 09:12 PM, Trey Dockendorf wrote:
> >
> >> Do you have the
> >
> >
> >> allow_httpd_mod_auth_pam
> >
> >> boolean turned on?
> >
> >
> >>
>
> >
> >
> >
> > Sorry for the late reply...
> >
> > I've disabled the dontaudits for now, hopefully that may shed some
> > light on this.
> >
> > Are there any other methods to debug or troubleshoot
> > setroubleshootd? Or even to verify it's working?  I'd like to rule
> > out that the CR update is the culprit to this no longer sending
> > emails on denials.
> >
> > I also can't seem to get the sealert GUI to work over X11
> > forwarding. ----------- $ sealert -b -V 2011-11-07 14:20:57,507
> > [dbus.ERROR] could not start dbus:
> > org.freedesktop.DBus.Error.Spawn.ExecFailed: /bin/dbus-launch
> > terminated abnormally without any error message
> >
> >
> > The text version seems to work fine though.  However I would really
> > like the alerts via email as I begin to leave SELinux enabled on
> > all new servers I provision, and force myself to learn this.
> >
> > Thanks - Trey
>
>  grep email /etc/setroubleshoot/setroubleshoot.conf
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk64R1AACgkQrlYvE4MpobMflwCgu1xX/ns76ypnuBkI0CUmOTZE
> W4gAnjey2F71uNUTN8b9jacOu1CXpuLL
> =lF+c
> -----END PGP SIGNATURE-----
>

This configuration is on my KVM server which is almost static...the host I
began noticing this on has the same results from that command...

# grep email /etc/setroubleshoot/setroubleshoot.cfg
[email]
# recipients_filepath: Path name of file with email recipients. One address
recipients_filepath = /var/lib/setroubleshoot/email_alert_recipients
# from_address: The From: email header
# subject: The Subject: email header
# categories is: [rpc, xml, cfg, alert, sig, plugin, avc, email, gui,
# categories is: [rpc, xml, cfg, alert, sig, plugin, avc, email, gui,