--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2008-2100
2008-02-28 21:14:27
--------------------------------------------------------------------------------Name        : setroubleshoot
Product     : Fedora 8
Version     : 2.0.5
Release     : 2.fc8
URL         : https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement
Summary     : Helps troubleshoot SELinux problems
Description :
setroubleshoot gui. Application that allows you to view setroubleshoot-server
messages.
Provides tools to help diagnose SELinux problems. When AVC messages
are generated an alert can be generated that will give information
about the problem and help track its resolution. Alerts can be configured
to user preference. The same tools can be run on existing log files.

--------------------------------------------------------------------------------Update Information:

This is a major upgrade of setroubleshoot. The primary difference is  how audit
data is captured, analyzed, and stored. Security  vulnerabilities, performance,
usability, and robustness have been  addressed in addition to general bug fixes.
Important Installation Notes: The format of the persistent data store  has
changed, after installation the alert database will be newly  initialized and
previous alerts will be lost. For most users this will  not be an issue since
alerts are ephemeral and if the alerting issue  persists a new alert will be
generated in the new format the next time  it occurs. Also, some users may
experience an error dialog from  sealert during installation due to the order in
which files are  installed, this may safely be ignored and is a known issue.
After  installation the sealert desktop component should be restarted, this  can
be achieved by logging out of your desktop sesson or by issuing  the following
commands from within the desktop session.    % sealert -q  % sealert -s
--------------------------------------------------------------------------------ChangeLog:

* Fri Feb 22 2008  - 2.0.5-2
- bump rev for build
* Wed Feb  6 2008 John Dennis  - 2.0.5-1
- allow sealert -l lookup to accept * wildcard
	- add a few more audit fields needing special decode handling
* Thu Jan 31 2008  - 2.0.4-1
- Resolve bug #430421: audit_listener_database.xml:3029: parser error in xmlParseDoc()
	  rewrite the audit_msg_decode logic to beaware of specific audit fields
	- add new template substitution $SOURCE, a friendly name, $SOURCE_PATH still exists
	  and is the full path name of $SOURCE, also add 'source' attribute in AVC class,
	  fix how source and source_path are computed from audit's comm and exe fields
	- fix the computation of tpath to also look at the audit name field, formerly
	  it had only been looking at path, fixes  showing up for many targets
	- add exception handling around xml file writes (Alan Cox reports problem when /var is full)
	- add testing documentation
	- Resolve bug #430845: obsolete URL in setroubleshoot package description
	- Resolve bug #428960: Permissive message makes no sense.
	- init script now allows extra test options
	- show_browser() now opens and raises the window (e.g. presents) rather than just
	  assuring it's realized (e.g. iconified, or hidden)
	- sealert -l message in syslog converts from html before writing to syslog
	- Resolve bug #320881: export setroubleshoot_selinux_symposium in PDF format
	- add code to verify all async rpc's have been cleared from the async rpc cache
	- add code to set a default rpc method return if the interface does not define a callback
	  (methods which did not have a callback were not returning anything and hence were not
	   getting cleared from the cache)
* Fri Jan 11 2008  - 2.0.2-1
- Resolve bug #428252: Problem with update/remove old version
	- Add code to validate xml database version, if file is incompatible it is not read,
	  the next time the database is written it will be in the new version format.
	  This means the database contents are not preserved across database version upgrades.
	- Remove postun trigger from spec file used to clear database between incompatible versions
	  the new database version check during database read will handle this instead
	- bullet proof exit status in init script and rpm scriptlets
	- Resolve bug #247302: setroubleshoot's autostart .desktop file fails to start under a KDE session
	- Resolve bug #376041: Cannot check setroubleshoot service status as non-root
	- Resolve bug #332281: remove obsolete translation
	- Resolve bug #344331: No description in gnome-session-properties
	- Resolve bug #358581: missing libuser-python dependency
	- Resolve bug #426586: Renaming translation po file from sr@Latn to sr@latin
	- Resolve bug #427260: German Translation
	- enhance the sealert man page
* Fri Jan  4 2008  - 2.0.1-1
- make connection error message persist instead of timeout in browser
	- updated Brazilian Portuguese translation: Igor Pires Soares 
	- implement uid,username checks
	- rpc methods now check for authenticated state
	- fix html handling of summary string
	- add 'named' messages to status bar, make sure all messages either timeout or are named
	- fix ordering of menus, resolves bug #427418
	- add 'hide quiet' to browser view filtering, resolves bug #427421
	- tweak siginfo text formatting
	- add logon to SECommandLine so that sealert -l  works
* Fri Dec 28 2007  - 2.0.0-1
- prepare for v2 test release
	- Completed most work for version 2 of setroubleshoot, prepare for test release
	- import Dan's changes from the mainline
	  primarily allow_postfix_local_write_mail_spool plugin
	- escape html, fix siginfo.format_html(), siginfo.format_text()
	- add async-error signal
	- change identity to just username
	- make sure set_filter user validation works and reports error in browser
	- fix generation of line numbers and host when connected to audispd
	- add permissive notification, resolves bug #231334: Wording doesn't change for permissive mode
	- resolves bug #244345: avc path information incomplete
	- get the uid,gid when a client connects to the server
	- set_filter now verifies the filter is owned by the user,
	- resolves bug #288261: setroubleshoot lack of user authentication
	- remove filter options which weren't being used
	- change '@' in audit data hostname to '.'
	- remove restart dialog
	  resolves bug #321171: sealert's dialog after update is higly confusing
	- fix rpc xml arg
	- fix handling of host value
	- tweak what fields are in signature
	- move data items which had been in 'avc' object into siginfo
	- clean up siginfo format
	- large parts of new audit data pipeline working, checkpoint
	- fix duplicate xml nodes when generating xml tree
	- audit event can now be xml serialized
	- switch from using int's for audit record types to strings
	- avoid conversion headaches and possibilty of not being
	  able to convert a new unknown type
	- add logic to allow XmlSerialize to be subclassed and init_from_xml_node to be overridden
	- add support to xml serialize classes AuditEventID, AuditEvent, AuditRecord
	- use metaclass for xml class init
	- start adding xml support to audit data classes
	- Use metaclass to wrap class init
	- move xml serialization code from signature.py to xml_serialize.py
	- simplify aspect of the serialization code
	- add unstructured xml mapping, each xml element name has its content mapped to obj.name
	- modify xml serialization to be driven by xml contents
	- general clean up
	- checkpoint conversion of serialization to use metaclasses
	- clean up class/data specifications for XmlSerializable
	- add support for client rpc testing
	- add changelog entry
	- add SubProcess class to setroubleshootd in preparation to
	- run daemon as subprocess so we can gather results and
	  compare them to the expected data we sent
	- rewrite all plugins to use new v2 audit data
	- add SubProcess class to setroubleshootd in preparation to 
          run daemon as subprocess so we can gather results and
          compare them to the expected data we sent
	- add new test support: add config section 'test', add boolean 'analyze' to
	  config test section, add class TestPluginReportReceiver which is installed
	  if test.analyze is True, it prints analysis report. In test_setroubleshootd
	  send AUDIT_EOE to assure sequential event processing so analysis results
	  have same ordering as events that are sent by test_setroubleshootd
	- alert signatures now include host information, alerts will be grouped by host
--------------------------------------------------------------------------------References:

  [ 1 ] Bug #416351 - setroubleshoot does not escape regex chars in suggested cmds
        https://bugzilla.redhat.com/show_bug.cgi?id=416351
  [ 2 ] Bug #430421 - setroubleshoot - audit_listener_database.xml:3029: parser error in xmlParseDoc()
        https://bugzilla.redhat.com/show_bug.cgi?id=430421
  [ 3 ] Bug #430845 - obsolete URL in setroubleshoot package description
        https://bugzilla.redhat.com/show_bug.cgi?id=430845
  [ 4 ] Bug #428960 - Message makes no sense.
        https://bugzilla.redhat.com/show_bug.cgi?id=428960
  [ 5 ] Bug #320881 - Somebody just didn't get it!
        https://bugzilla.redhat.com/show_bug.cgi?id=320881
  [ 6 ] Bug #428252 - Problem with update/remove old version
        https://bugzilla.redhat.com/show_bug.cgi?id=428252
  [ 7 ] Bug #247302 - setroubleshoot's autostart .desktop file fails to start under a KDE session
        https://bugzilla.redhat.com/show_bug.cgi?id=247302
  [ 8 ] Bug #376041 - Cannot check setroubleshoot service status as non-root
        https://bugzilla.redhat.com/show_bug.cgi?id=376041
  [ 9 ] Bug #332281 - remove obsolete translation
        https://bugzilla.redhat.com/show_bug.cgi?id=332281
  [ 10 ] Bug #344331 - No description in gnome-session-properties
        https://bugzilla.redhat.com/show_bug.cgi?id=344331
  [ 11 ] Bug #358581 - missing libuser-python dependency
        https://bugzilla.redhat.com/show_bug.cgi?id=358581
  [ 12 ] Bug #426586 - Renaming translation po file from sr@Latn to sr@latin
        https://bugzilla.redhat.com/show_bug.cgi?id=426586
  [ 13 ] Bug #427260 - German Translation
        https://bugzilla.redhat.com/show_bug.cgi?id=427260
  [ 14 ] Bug #427418 - Menu layout is not GNOME HIG compliant
        https://bugzilla.redhat.com/show_bug.cgi?id=427418
  [ 15 ] Bug #427421 - Need a way to permanently ignore specific AVC logs
        https://bugzilla.redhat.com/show_bug.cgi?id=427421
  [ 16 ] Bug #231334
        https://bugzilla.redhat.com/show_bug.cgi?id=231334
  [ 17 ] Bug #244345 - missing filename in setroubleshoot (AVC.get_path() returns incomplete path)
        https://bugzilla.redhat.com/show_bug.cgi?id=244345
  [ 18 ] Bug #288261
        https://bugzilla.redhat.com/show_bug.cgi?id=288261
  [ 19 ] Bug #321171 - sealert's dialog after update is higly confusing
        https://bugzilla.redhat.com/show_bug.cgi?id=321171
--------------------------------------------------------------------------------This update can be installed with the "yum" update program.  Use 
su -c 'yum update setroubleshoot' at the command line.
For more information, refer to "Managing Software with yum",
available at .

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-announce

Fedora 8 Update: setroubleshoot-2.0.5-2.fc8

February 28, 2008
This is a major upgrade of setroubleshoot

Summary

setroubleshoot gui. Application that allows you to view setroubleshoot-server

messages.

Provides tools to help diagnose SELinux problems. When AVC messages

are generated an alert can be generated that will give information

about the problem and help track its resolution. Alerts can be configured

to user preference. The same tools can be run on existing log files.

This is a major upgrade of setroubleshoot. The primary difference is how audit

data is captured, analyzed, and stored. Security vulnerabilities, performance,

usability, and robustness have been addressed in addition to general bug fixes.

Important Installation Notes: The format of the persistent data store has

changed, after installation the alert database will be newly initialized and

previous alerts will be lost. For most users this will not be an issue since

alerts are ephemeral and if the alerting issue persists a new alert will be

generated in the new format the next time it occurs. Also, some users may

experience an error dialog from sealert during installation due to the order in

which files are installed, this may safely be ignored and is a known issue.

After installation the sealert desktop component should be restarted, this can

be achieved by logging out of your desktop sesson or by issuing the following

commands from within the desktop session. % sealert -q % sealert -s

* Fri Feb 22 2008 - 2.0.5-2

- bump rev for build

* Wed Feb 6 2008 John Dennis - 2.0.5-1

- allow sealert -l lookup to accept * wildcard

- add a few more audit fields needing special decode handling

* Thu Jan 31 2008 - 2.0.4-1

- Resolve bug #430421: audit_listener_database.xml:3029: parser error in xmlParseDoc()

rewrite the audit_msg_decode logic to beaware of specific audit fields

- add new template substitution $SOURCE, a friendly name, $SOURCE_PATH still exists

and is the full path name of $SOURCE, also add 'source' attribute in AVC class,

fix how source and source_path are computed from audit's comm and exe fields

- fix the computation of tpath to also look at the audit name field, formerly

it had only been looking at path, fixes showing up for many targets

- add exception handling around xml file writes (Alan Cox reports problem when /var is full)

- add testing documentation

- Resolve bug #430845: obsolete URL in setroubleshoot package description

- Resolve bug #428960: Permissive message makes no sense.

- init script now allows extra test options

- show_browser() now opens and raises the window (e.g. presents) rather than just

assuring it's realized (e.g. iconified, or hidden)

- sealert -l message in syslog converts from html before writing to syslog

- Resolve bug #320881: export setroubleshoot_selinux_symposium in PDF format

- add code to verify all async rpc's have been cleared from the async rpc cache

- add code to set a default rpc method return if the interface does not define a callback

(methods which did not have a callback were not returning anything and hence were not

getting cleared from the cache)

* Fri Jan 11 2008 - 2.0.2-1

- Resolve bug #428252: Problem with update/remove old version

- Add code to validate xml database version, if file is incompatible it is not read,

the next time the database is written it will be in the new version format.

This means the database contents are not preserved across database version upgrades.

- Remove postun trigger from spec file used to clear database between incompatible versions

the new database version check during database read will handle this instead

- bullet proof exit status in init script and rpm scriptlets

- Resolve bug #247302: setroubleshoot's autostart .desktop file fails to start under a KDE session

- Resolve bug #376041: Cannot check setroubleshoot service status as non-root

- Resolve bug #332281: remove obsolete translation

- Resolve bug #344331: No description in gnome-session-properties

- Resolve bug #358581: missing libuser-python dependency

- Resolve bug #426586: Renaming translation po file from sr@Latn to sr@latin

- Resolve bug #427260: German Translation

- enhance the sealert man page

* Fri Jan 4 2008 - 2.0.1-1

- make connection error message persist instead of timeout in browser

- updated Brazilian Portuguese translation: Igor Pires Soares

- implement uid,username checks

- rpc methods now check for authenticated state

- fix html handling of summary string

- add 'named' messages to status bar, make sure all messages either timeout or are named

- fix ordering of menus, resolves bug #427418

- add 'hide quiet' to browser view filtering, resolves bug #427421

- tweak siginfo text formatting

- add logon to SECommandLine so that sealert -l works

* Fri Dec 28 2007 - 2.0.0-1

- prepare for v2 test release

- Completed most work for version 2 of setroubleshoot, prepare for test release

- import Dan's changes from the mainline

primarily allow_postfix_local_write_mail_spool plugin

- escape html, fix siginfo.format_html(), siginfo.format_text()

- add async-error signal

- change identity to just username

- make sure set_filter user validation works and reports error in browser

- fix generation of line numbers and host when connected to audispd

- add permissive notification, resolves bug #231334: Wording doesn't change for permissive mode

- resolves bug #244345: avc path information incomplete

- get the uid,gid when a client connects to the server

- set_filter now verifies the filter is owned by the user,

- resolves bug #288261: setroubleshoot lack of user authentication

- remove filter options which weren't being used

- change '@' in audit data hostname to '.'

- remove restart dialog

resolves bug #321171: sealert's dialog after update is higly confusing

- fix rpc xml arg

- fix handling of host value

- tweak what fields are in signature

- move data items which had been in 'avc' object into siginfo

- clean up siginfo format

- large parts of new audit data pipeline working, checkpoint

- fix duplicate xml nodes when generating xml tree

- audit event can now be xml serialized

- switch from using int's for audit record types to strings

- avoid conversion headaches and possibilty of not being

able to convert a new unknown type

- add logic to allow XmlSerialize to be subclassed and init_from_xml_node to be overridden

- add support to xml serialize classes AuditEventID, AuditEvent, AuditRecord

- use metaclass for xml class init

- start adding xml support to audit data classes

- Use metaclass to wrap class init

- move xml serialization code from signature.py to xml_serialize.py

- simplify aspect of the serialization code

- add unstructured xml mapping, each xml element name has its content mapped to obj.name

- modify xml serialization to be driven by xml contents

- general clean up

- checkpoint conversion of serialization to use metaclasses

- clean up class/data specifications for XmlSerializable

- add support for client rpc testing

- add changelog entry

- add SubProcess class to setroubleshootd in preparation to

- run daemon as subprocess so we can gather results and

compare them to the expected data we sent

- rewrite all plugins to use new v2 audit data

- add SubProcess class to setroubleshootd in preparation to

run daemon as subprocess so we can gather results and

compare them to the expected data we sent

- add new test support: add config section 'test', add boolean 'analyze' to

config test section, add class TestPluginReportReceiver which is installed

if test.analyze is True, it prints analysis report. In test_setroubleshootd

send AUDIT_EOE to assure sequential event processing so analysis results

have same ordering as events that are sent by test_setroubleshootd

- alert signatures now include host information, alerts will be grouped by host

[ 1 ] Bug #416351 - setroubleshoot does not escape regex chars in suggested cmds

https://bugzilla.redhat.com/show_bug.cgi?id=416351

[ 2 ] Bug #430421 - setroubleshoot - audit_listener_database.xml:3029: parser error in xmlParseDoc()

https://bugzilla.redhat.com/show_bug.cgi?id=430421

[ 3 ] Bug #430845 - obsolete URL in setroubleshoot package description

https://bugzilla.redhat.com/show_bug.cgi?id=430845

[ 4 ] Bug #428960 - Message makes no sense.

https://bugzilla.redhat.com/show_bug.cgi?id=428960

[ 5 ] Bug #320881 - Somebody just didn't get it!

https://bugzilla.redhat.com/show_bug.cgi?id=320881

[ 6 ] Bug #428252 - Problem with update/remove old version

https://bugzilla.redhat.com/show_bug.cgi?id=428252

[ 7 ] Bug #247302 - setroubleshoot's autostart .desktop file fails to start under a KDE session

https://bugzilla.redhat.com/show_bug.cgi?id=247302

[ 8 ] Bug #376041 - Cannot check setroubleshoot service status as non-root

https://bugzilla.redhat.com/show_bug.cgi?id=376041

[ 9 ] Bug #332281 - remove obsolete translation

https://bugzilla.redhat.com/show_bug.cgi?id=332281

[ 10 ] Bug #344331 - No description in gnome-session-properties

https://bugzilla.redhat.com/show_bug.cgi?id=344331

[ 11 ] Bug #358581 - missing libuser-python dependency

https://bugzilla.redhat.com/show_bug.cgi?id=358581

[ 12 ] Bug #426586 - Renaming translation po file from sr@Latn to sr@latin

https://bugzilla.redhat.com/show_bug.cgi?id=426586

[ 13 ] Bug #427260 - German Translation

https://bugzilla.redhat.com/show_bug.cgi?id=427260

[ 14 ] Bug #427418 - Menu layout is not GNOME HIG compliant

https://bugzilla.redhat.com/show_bug.cgi?id=427418

[ 15 ] Bug #427421 - Need a way to permanently ignore specific AVC logs

https://bugzilla.redhat.com/show_bug.cgi?id=427421

[ 16 ] Bug #231334

https://bugzilla.redhat.com/show_bug.cgi?id=231334

[ 17 ] Bug #244345 - missing filename in setroubleshoot (AVC.get_path() returns incomplete path)

https://bugzilla.redhat.com/show_bug.cgi?id=244345

[ 18 ] Bug #288261

https://bugzilla.redhat.com/show_bug.cgi?id=288261

[ 19 ] Bug #321171 - sealert's dialog after update is higly confusing

https://bugzilla.redhat.com/show_bug.cgi?id=321171

su -c 'yum update setroubleshoot' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

http://www.redhat.com/mailman/listinfo/fedora-package-announce

FEDORA-2008-2100 2008-02-28 21:14:27 Product : Fedora 8 Version : 2.0.5 Release : 2.fc8 URL : https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement Summary : Helps troubleshoot SELinux problems Description : setroubleshoot gui. Application that allows you to view setroubleshoot-server messages. Provides tools to help diagnose SELinux problems. When AVC messages are generated an alert can be generated that will give information about the problem and help track its resolution. Alerts can be configured to user preference. The same tools can be run on existing log files. This is a major upgrade of setroubleshoot. The primary difference is how audit data is captured, analyzed, and stored. Security vulnerabilities, performance, usability, and robustness have been addressed in addition to general bug fixes. Important Installation Notes: The format of the persistent data store has changed, after installation the alert database will be newly initialized and previous alerts will be lost. For most users this will not be an issue since alerts are ephemeral and if the alerting issue persists a new alert will be generated in the new format the next time it occurs. Also, some users may experience an error dialog from sealert during installation due to the order in which files are installed, this may safely be ignored and is a known issue. After installation the sealert desktop component should be restarted, this can be achieved by logging out of your desktop sesson or by issuing the following commands from within the desktop session. % sealert -q % sealert -s * Fri Feb 22 2008 - 2.0.5-2 - bump rev for build * Wed Feb 6 2008 John Dennis - 2.0.5-1 - allow sealert -l lookup to accept * wildcard - add a few more audit fields needing special decode handling * Thu Jan 31 2008 - 2.0.4-1 - Resolve bug #430421: audit_listener_database.xml:3029: parser error in xmlParseDoc() rewrite the audit_msg_decode logic to beaware of specific audit fields - add new template substitution $SOURCE, a friendly name, $SOURCE_PATH still exists and is the full path name of $SOURCE, also add 'source' attribute in AVC class, fix how source and source_path are computed from audit's comm and exe fields - fix the computation of tpath to also look at the audit name field, formerly it had only been looking at path, fixes showing up for many targets - add exception handling around xml file writes (Alan Cox reports problem when /var is full) - add testing documentation - Resolve bug #430845: obsolete URL in setroubleshoot package description - Resolve bug #428960: Permissive message makes no sense. - init script now allows extra test options - show_browser() now opens and raises the window (e.g. presents) rather than just assuring it's realized (e.g. iconified, or hidden) - sealert -l message in syslog converts from html before writing to syslog - Resolve bug #320881: export setroubleshoot_selinux_symposium in PDF format - add code to verify all async rpc's have been cleared from the async rpc cache - add code to set a default rpc method return if the interface does not define a callback (methods which did not have a callback were not returning anything and hence were not getting cleared from the cache) * Fri Jan 11 2008 - 2.0.2-1 - Resolve bug #428252: Problem with update/remove old version - Add code to validate xml database version, if file is incompatible it is not read, the next time the database is written it will be in the new version format. This means the database contents are not preserved across database version upgrades. - Remove postun trigger from spec file used to clear database between incompatible versions the new database version check during database read will handle this instead - bullet proof exit status in init script and rpm scriptlets - Resolve bug #247302: setroubleshoot's autostart .desktop file fails to start under a KDE session - Resolve bug #376041: Cannot check setroubleshoot service status as non-root - Resolve bug #332281: remove obsolete translation - Resolve bug #344331: No description in gnome-session-properties - Resolve bug #358581: missing libuser-python dependency - Resolve bug #426586: Renaming translation po file from sr@Latn to sr@latin - Resolve bug #427260: German Translation - enhance the sealert man page * Fri Jan 4 2008 - 2.0.1-1 - make connection error message persist instead of timeout in browser - updated Brazilian Portuguese translation: Igor Pires Soares - implement uid,username checks - rpc methods now check for authenticated state - fix html handling of summary string - add 'named' messages to status bar, make sure all messages either timeout or are named - fix ordering of menus, resolves bug #427418 - add 'hide quiet' to browser view filtering, resolves bug #427421 - tweak siginfo text formatting - add logon to SECommandLine so that sealert -l works * Fri Dec 28 2007 - 2.0.0-1 - prepare for v2 test release - Completed most work for version 2 of setroubleshoot, prepare for test release - import Dan's changes from the mainline primarily allow_postfix_local_write_mail_spool plugin - escape html, fix siginfo.format_html(), siginfo.format_text() - add async-error signal - change identity to just username - make sure set_filter user validation works and reports error in browser - fix generation of line numbers and host when connected to audispd - add permissive notification, resolves bug #231334: Wording doesn't change for permissive mode - resolves bug #244345: avc path information incomplete - get the uid,gid when a client connects to the server - set_filter now verifies the filter is owned by the user, - resolves bug #288261: setroubleshoot lack of user authentication - remove filter options which weren't being used - change '@' in audit data hostname to '.' - remove restart dialog resolves bug #321171: sealert's dialog after update is higly confusing - fix rpc xml arg - fix handling of host value - tweak what fields are in signature - move data items which had been in 'avc' object into siginfo - clean up siginfo format - large parts of new audit data pipeline working, checkpoint - fix duplicate xml nodes when generating xml tree - audit event can now be xml serialized - switch from using int's for audit record types to strings - avoid conversion headaches and possibilty of not being able to convert a new unknown type - add logic to allow XmlSerialize to be subclassed and init_from_xml_node to be overridden - add support to xml serialize classes AuditEventID, AuditEvent, AuditRecord - use metaclass for xml class init - start adding xml support to audit data classes - Use metaclass to wrap class init - move xml serialization code from signature.py to xml_serialize.py - simplify aspect of the serialization code - add unstructured xml mapping, each xml element name has its content mapped to obj.name - modify xml serialization to be driven by xml contents - general clean up - checkpoint conversion of serialization to use metaclasses - clean up class/data specifications for XmlSerializable - add support for client rpc testing - add changelog entry - add SubProcess class to setroubleshootd in preparation to - run daemon as subprocess so we can gather results and compare them to the expected data we sent - rewrite all plugins to use new v2 audit data - add SubProcess class to setroubleshootd in preparation to run daemon as subprocess so we can gather results and compare them to the expected data we sent - add new test support: add config section 'test', add boolean 'analyze' to config test section, add class TestPluginReportReceiver which is installed if test.analyze is True, it prints analysis report. In test_setroubleshootd send AUDIT_EOE to assure sequential event processing so analysis results have same ordering as events that are sent by test_setroubleshootd - alert signatures now include host information, alerts will be grouped by host [ 1 ] Bug #416351 - setroubleshoot does not escape regex chars in suggested cmds https://bugzilla.redhat.com/show_bug.cgi?id=416351 [ 2 ] Bug #430421 - setroubleshoot - audit_listener_database.xml:3029: parser error in xmlParseDoc() https://bugzilla.redhat.com/show_bug.cgi?id=430421 [ 3 ] Bug #430845 - obsolete URL in setroubleshoot package description https://bugzilla.redhat.com/show_bug.cgi?id=430845 [ 4 ] Bug #428960 - Message makes no sense. https://bugzilla.redhat.com/show_bug.cgi?id=428960 [ 5 ] Bug #320881 - Somebody just didn't get it! https://bugzilla.redhat.com/show_bug.cgi?id=320881 [ 6 ] Bug #428252 - Problem with update/remove old version https://bugzilla.redhat.com/show_bug.cgi?id=428252 [ 7 ] Bug #247302 - setroubleshoot's autostart .desktop file fails to start under a KDE session https://bugzilla.redhat.com/show_bug.cgi?id=247302 [ 8 ] Bug #376041 - Cannot check setroubleshoot service status as non-root https://bugzilla.redhat.com/show_bug.cgi?id=376041 [ 9 ] Bug #332281 - remove obsolete translation https://bugzilla.redhat.com/show_bug.cgi?id=332281 [ 10 ] Bug #344331 - No description in gnome-session-properties https://bugzilla.redhat.com/show_bug.cgi?id=344331 [ 11 ] Bug #358581 - missing libuser-python dependency https://bugzilla.redhat.com/show_bug.cgi?id=358581 [ 12 ] Bug #426586 - Renaming translation po file from sr@Latn to sr@latin https://bugzilla.redhat.com/show_bug.cgi?id=426586 [ 13 ] Bug #427260 - German Translation https://bugzilla.redhat.com/show_bug.cgi?id=427260 [ 14 ] Bug #427418 - Menu layout is not GNOME HIG compliant https://bugzilla.redhat.com/show_bug.cgi?id=427418 [ 15 ] Bug #427421 - Need a way to permanently ignore specific AVC logs https://bugzilla.redhat.com/show_bug.cgi?id=427421 [ 16 ] Bug #231334 https://bugzilla.redhat.com/show_bug.cgi?id=231334 [ 17 ] Bug #244345 - missing filename in setroubleshoot (AVC.get_path() returns incomplete path) https://bugzilla.redhat.com/show_bug.cgi?id=244345 [ 18 ] Bug #288261 https://bugzilla.redhat.com/show_bug.cgi?id=288261 [ 19 ] Bug #321171 - sealert's dialog after update is higly confusing https://bugzilla.redhat.com/show_bug.cgi?id=321171 su -c 'yum update setroubleshoot' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ Fedora-package-announce mailing list Fedora-package-announce@redhat.com http://www.redhat.com/mailman/listinfo/fedora-package-announce

Change Log

References

Update Instructions

Severity
Product : Fedora 8
Version : 2.0.5
Release : 2.fc8
URL : https://fedoraproject.org/wiki/Infrastructure/Fedorahosted-retirement
Summary : Helps troubleshoot SELinux problems

Related News

5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
28.Lock Globe Esm H320
1 - 2 min read
A resurgence of cyberattacks targeting Linux systems in Asian campaigns through the utilization of the Pupy Remote Access Trojan (RAT) has been
27.Tablet Connections Blocks Lock Esm H320
2 - 4 min read
Canonical has recently announced the Beta release of Ubuntu Linux 24.04 LTS , codenamed "Noble Numbat." This release aims to continue Ubuntu's
21.Globe RadiatingCode Esm H320
2 - 3 min read
The open-source movement has come a long way, from its origins in the 1960s and 1970s to becoming an integral part of organizations worldwide.
13.Lock StylizedMotherboard Esm H320
2 - 3 min read
The Rust-based Edera project demonstrates a unique approach to container security that addresses cloud-native computing challenges. Let's examine
8.Locks HexConnections CodeGlobe Esm H320
2 - 3 min read
Canonical has launched Ubuntu Pro for Devices , a comprehensive offering emphasizing security and compliance for IoT device deployments. This
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved