Hi,
I read about FC6 ships with SELinux alert notification tool, but I couldn't get it to work.
After installing FC6 in full, I didn't find the alert tool installed. (I had problem with FirstBoot; workaround found; then my rpm database corrupted after the first update; it was restored. Newbie would really find it not easy, unless they are good at searching for solution on the web. But that is a different story...)
I read a few web pages and figured out the package to install, so this is what I had done:
# yum install setroubleshoot
I started the service: #/etc/init.d/setroubleshoot start
I didn't get notification when I copied a file from my home directory to apache html directory and attempted to access the file. I got "403 Forbidden" error page, but there is no notification.
I tried the following commands, but they didn't work with root privilege:
# /usr/bin/sealert -b could not attach to desktop process, running standalone # /usr/bin/sealert could not attach to desktop process
With user privilege, I can start the setroubleshoot browser, but it couldn't access /var/log/messages as expected.
What am I missing?
Thanks for your help.
OK, never mind that. After a system reboot, it magically worked.
(One bit of important information I forgot to include is that this is a x86_64 system. I'm not sure if that would explain some of the problems that I encountered. By the way, the eye candy is really sweet; like it very much.)
On Tue, 2007-01-30 at 13:20 -0800, Daniel Yek wrote:
OK, never mind that. After a system reboot, it magically worked.
(One bit of important information I forgot to include is that this is a x86_64 system. I'm not sure if that would explain some of the problems that I encountered. By the way, the eye candy is really sweet; like it very much.)
setroubleshootd depends on the auditd service; if you don't start auditd first it doesn't get any info about selinux denials.
Gosh, wouldn't it be nice if our init scripts had some kind of dependency info?
-w
At 01:00 PM 1/31/2007, Will Woods wrote:
On Tue, 2007-01-30 at 13:20 -0800, Daniel Yek wrote:
OK, never mind that. After a system reboot, it magically worked.
(One bit of important information I forgot to include is that this is a x86_64 system. I'm not sure if that would explain some of the problems
that
I encountered. By the way, the eye candy is really sweet; like it very
much.)
setroubleshootd depends on the auditd service; if you don't start auditd first it doesn't get any info about selinux denials.
That is good to know. Thanks.
-
Daniel Yek -
Will Woods