[CentOS] SELinux and SETroubleshootd woes in CR

Mon Nov 7 21:46:03 UTC 2011
Daniel J Walsh <dwalsh at redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/07/2011 04:29 PM, Trey Dockendorf wrote:
> 
> 
> On Mon, Nov 7, 2011 at 3:02 PM, Daniel J Walsh <dwalsh at redhat.com 
> <mailto:dwalsh at redhat.com>> wrote:
> 
> On 11/07/2011 03:23 PM, Trey Dockendorf wrote:
> 
> 
>> On Wed, Nov 2, 2011 at 8:54 AM, Daniel J Walsh
>> <dwalsh at redhat.com
> <mailto:dwalsh at redhat.com>
>> <mailto:dwalsh at redhat.com <mailto:dwalsh at redhat.com>>> wrote:
> 
>> On 11/01/2011 09:12 PM, Trey Dockendorf wrote:
> 
>>> Do you have the
> 
> 
>>> allow_httpd_mod_auth_pam
> 
>>> boolean turned on?
> 
> 
>>> 
> 
> 
> 
> 
>> Sorry for the late reply...
> 
>> I've disabled the dontaudits for now, hopefully that may shed
>> some light on this.
> 
>> Are there any other methods to debug or troubleshoot 
>> setroubleshootd? Or even to verify it's working?  I'd like to
>> rule out that the CR update is the culprit to this no longer
>> sending emails on denials.
> 
>> I also can't seem to get the sealert GUI to work over X11 
>> forwarding. ----------- $ sealert -b -V 2011-11-07 14:20:57,507 
>> [dbus.ERROR] could not start dbus: 
>> org.freedesktop.DBus.Error.Spawn.ExecFailed: /bin/dbus-launch 
>> terminated abnormally without any error message
> 
> 
>> The text version seems to work fine though.  However I would
>> really like the alerts via email as I begin to leave SELinux
>> enabled on all new servers I provision, and force myself to learn
>> this.
> 
>> Thanks - Trey
> 
> grep email /etc/setroubleshoot/setroubleshoot.conf
> 
> 
> This configuration is on my KVM server which is almost static...the
> host I began noticing this on has the same results from that
> command...
> 
> # grep email /etc/setroubleshoot/setroubleshoot.cfg [email] #
> recipients_filepath: Path name of file with email recipients. One
> address recipients_filepath =
> /var/lib/setroubleshoot/email_alert_recipients # from_address: The
> From: email header # subject: The Subject: email header #
> categories is: [rpc, xml, cfg, alert, sig, plugin, avc, email,
> gui, # categories is: [rpc, xml, cfg, alert, sig, plugin, avc,
> email, gui,
> 

Sorry, I was trying to indicate that you can modify this file to setup
setroubleshoot to send mail.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk64UZsACgkQrlYvE4MpobO6ugCg043lNaaA2oV9wyEJIpcqTxk/
NVcAnjCrXjXins6VVONeCaxwYX9hnGtd
=j+J+
-----END PGP SIGNATURE-----