Fedora Core 6 Test Update: setroubleshoot-1.6-2.fc6
John Dennis
jdennis at redhat.com
Tue Nov 21 16:36:09 UTC 2006
---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2006-1272
2006-11-21
---------------------------------------------------------------------
Product : Fedora Core 6
Name : setroubleshoot
Version : 1.6
Release : 2.fc6
Summary : Helps troubleshoot SELinux problems
Description :
Provides tools to help diagnose SELinux problems. When AVC messages
are generated an alert can be generated that will give information
about the problem and help track its resolution. Alerts can be configured
to user preference. The same tools can be run on existing log files.
---------------------------------------------------------------------
Update Information:
This fixes bug #214218, which prevented the sealert browser
from opening if the local language was not english.
In addition this release adds support for log file scanning.
File->Open Logfile will open a log file for scanning. The
alerts which would have been generated from the audit
messages in the log file are displayed in the browser window
replacing the current real time audit alerts. You may then
switch between viewing the logfile alerts and the audit
alerts using the View menu. You may only have one logfile
open for view at a time. You must have permission to open
the logfile, if the log file is readable only by root
consider using a root account to copy the logfile to a
temporary location and changing the permissions.
Note, when alerts are generated via a logfile scan the
'Additional Information' detailed area of the alert will
contain line number information indicating which lines from
the log file contributed to the alert.
Logfile scanning may also be performed on the command line
via 'sealert -a filename', the -a command line option is for
'analyze'. When the command line version of log file
scanning is used the alerts are written to stdout.
---------------------------------------------------------------------
* Mon Nov 20 2006 John Dennis <jdennis at redhat.com> - 1.6-1
* logfile scanning finally seems to work connected to browser
* Additional Information section of report now includes line
number information (if alert was generated from logfile)
* replace database update_callback() with notify interface, a more
generic solution more easily shared between components
* object implementing rpc method is now explicitly attached via
connect_rpc_interface() instead of walking the MRO chain with
magic exclusions. explicitly connecting is more flexible and
robust (no getting the wrong object by mistake)
* fix handling of return args in local rpc case
* fix signal connections between audit and logfile
* split databae and database_properties for audit and logfile
* fix initial connection state
* fix lookup_local_id
* add more support for updating single rows in browser list view
rather than reloading everything
* correctly handle moving selection after a delete, lots of little
selection fixes.
* improve handling of ListStore model, nuke the kludgy pre-extended rows
* signatures_updated() now works
* fix bug #214218, sealert aborts if lang is not english, also
improve error handling, the actual error was not being trapped and
instead a subsequent error induced as a consequence was being
reported, which was a red herring, also fix redundant variable
which was used to hold the broswer window/widget instance.
* modify how changes to the database are propagated, database
object now takes an update callback. Now only the database is
responsible for reporting changes, previously it had been the
caller who modified the database and then had to also know what
type of update to signal. Modify the 'signatures_updated' family
of functions and signals to pass a upated type (add,delete,modify)
and an item identifier, currently the local id.
* signals to display the browser window now take an optional
argument to indicate what it should be displaying. This was added
for the case where the browser was visiting a logfile but the user
clicked on the alert notification icon, the browser should in this
instance always display the current alert, the user can use the
view menu to switch back to the logfile view after having viewed
the current alert.
* add timeout's to status messages
* tighten up the concept of 'visiting' in the browser, both in
data structure and methods, as well as status messages.
* make sure when the 'mark_seen' event triggers in the future it
is bound the database that generated it, not the currently viewed
database.
* fix some debug messages which were not inside 'if debug'
* move the signatures_updated signal to the database family of
objects.
* modify the RPC call mechanism so that it is possible to call a
local object through the RPC API without it connecting to a remote
object. Thus users of the RPC API can be ignorant if the object
they are bound to is local or remote.
* split the RPC interface for the server into server specific
entry points and a new database interface. The new database
interface supports the browser binding to either a remote database
or a local instance created for logfile scanning.
* fix how timestamps are assigned, we used to just timestamp an
alert when it arrived from the audit system but now with logfile
scanning timestamps are embedded in the logfile messages so in
order to display the correct time an event occurred we needed to
pass the timestamp read in the logfile through the pipeline.
* create a thread in the browser for logfile scanning, perform the
analysis in the thread with the browser GUI bound to the threads
operation, display the scanning progress in the progress bar.
* introduce the notion in the broswer of "visiting" a database, at
the moment one is either vising the audit database or the last
scanned logfile, added "View" menu and menu items to view the
audit database or the logfile. When visiting have the browser
connect to different signals. The visit mechanism still needs
some work.
* Wed Nov 8 2006 Dan Walsh <dwalsh at redhat.com> - 1.5-1
- Speed up startup of service
* Mon Nov 6 2006 Dan Walsh <dwalsh at redhat.com> - 1.4-1
- Many fixes
- Changed the api
* Tue Oct 24 2006 Dan Walsh <dwalsh at redhat.com> - 1.3-1
- Speed enhancments
- John Dennis <jdennis at redhat.com>
* log file parsing now approx 4 times faster
* greatly enhance the statistics reporting capability in attempt
to diagnose slow log file parsing performance
* make gathering of environmenatal information optional,
environment information is only relevant at the time the
alert fires, not in a post processing scenario
* clean up several places where environmental information was
assumed and/or was always gathered, or gathered in the wrong place.
* Tue Oct 17 2006 Dan Walsh <dwalsh at redhat.com> - 1.2-1
- Fix signature for PORT_NUMBER src command
* Tue Oct 3 2006 Dan Walsh <dwalsh at redhat.com> - 1.1-1
- Additional Plugins for port_t and device_t and mislabled files.
* Tue Oct 3 2006 Dan Walsh <dwalsh at redhat.com> - 1.0-1
- Release of first version
- Fix icon
- John Dennis <jdennis at redhat.com>
* Memory leak fixes
* Substitution fixes
* File names in hex fixes
* Fri Sep 29 2006 Dan Walsh <dwalsh at redhat.com> - 0.48-1
- Sealert only notify dropped connection once
- setroubleshoot shutdown cleanly
- John Dennis <jdennis at redhat.com>
* Gui cleanups
* Wed Sep 27 2006 Dan Walsh <dwalsh at redhat.com> - 0.47-1
* Change close key binding to ctrl-w
* Tue Sep 26 2006 Dan Walsh <dwalsh at redhat.com> - 0.46-1
- Add new plugins cvs_data, rsync_data, xen_image, swapfile, samba_share
- John Dennis <jdennis at redhat.com>
* clear the GUI of old data before loading new data,
fix the code used to display the filter icon in the filter column
* Tue Sep 26 2006 Dan Walsh <dwalsh at redhat.com> - 0.45-1
- John Dennis <jdennis at redhat.com>
* Major rewrite of the client/server RPC code,
* Sat Sep 16 2006 Dan Walsh <dwalsh at redhat.com> - 0.44-1
- Fix Affected RPMS handling
* Fri Sep 15 2006 Dan Walsh <dwalsh at redhat.com> - 0.43-1
- Fix mail handling
* fix bugs related to recording per user per signature filtering
- John Dennis <jdennis at redhat.com>
* fix bugs related to recording per user per signature filtering
- Karl MacMillan <kmacmill at redhat.com>
* Add signal handling to client and server.
* Fix minor plugin bugs.
* Thu Sep 7 2006 Dan Walsh <dwalsh at redhat.com> - 0.42-1
- Karl MacMillan
* Add rpm information for target.
* Add hostname and uname to signature info
* Add display of the full AVC
* Add display of the analysis id
* Change html generation to be separated out and us elemmenttree
- John Dennis
* add CommunicationChannel class to encapsulate data transfer
operations, in particular to provide an object threads can lock
during data transfer.
* checkpoint the logfile scanning code, somewhat working
* Thu Aug 31 2006 Dan Walsh <dwalsh at redhat.com> - 0.41-1
- Fix printing
* Thu Aug 31 2006 Dan Walsh <dwalsh at redhat.com> - 0.40-1
- Fix notification window problems. Now dissappears and does not regenerate if
it has already been seen
* Thu Aug 31 2006 Dan Walsh <dwalsh at redhat.com> - 0.39-1
- Add Icon
- John Dennis
* dispatcher.py: rework how audit messages injected into the
system and processed. Much of this work was in support of log file
scanning which should be coupled to the exact same processing code
as audit messages arriving from the audit socket. In essence log
file scanning synthesizes an audit message and we inject it into
the system the same way socket messages are injected. This was
also an excellent moment correctly handle out of order audit
messages, something we were not able to handle previously. This
may have been contributing to splitting what should have been a
single alert into two or more separate alerts because we didn't
recongize the incoming audit events as a single event. Correctly
assembling out of order messages introduced a fair amount of extra
complexity as we now maintain a cache of recent audit events, this
is fully documented in dispatcher.py
* Turn notifications back on by default.
- Karl MacMillan
* Separated out HTML rendering and made it easier to translate.
* Wed Aug 30 2006 Dan Walsh <dwalsh at redhat.com> - 0.38-1
- Dan Walsh
* Hook up the rest of the menu bars on browser window
* Add public_content.py plugin
- John Dennis
* add delete_signatures() method to AlertClient class
* start using the AppBar in the browser.
* "open logfile" now connected all the way from browser menu
to server rpc, still needs implementation, but "plumbing" is working.
* fixes for the date/time dialog
* remove install of setroubleshoot.glade, we now only use
setroubleshoot_browser.glade
* some fixed to DateTimeDialog
* Fri Aug 25 2006 Dan Walsh <dwalsh at redhat.com> - 0.37-1
- Add back in the status icon
* Thu Aug 24 2006 John Dennis <jdennis at redhat.com> - 0.36-1
- change dbclear trigger to 0.35
* Thu Aug 24 2006 John Dennis <jdennis at redhat.com> - 0.35-1
- add sorting on category column and seen column in browser,
fix reference to my_draw() in print function.
- make browser window hidden by default so it does not flash
when it's first realized, connect to the "realize" signal to
initially position the vpane, add signal handlers to track
when the browser is visible, the presentation of the status
icon now checks if the browser is visible, the status icon is
not presented if the browser is already displayed.
* Tue Aug 22 2006 Dan Walsh <dwalsh at redhat.com> - 0.34-1
- Standardize on the browser. remove alert window
- John Dennis Changes
* remove all vestiges of popup alert, now browser is the only
UI game in town
* restore the automatic updating of the browser window which had
been a regression, the AlertClient class now emits signals which
the GUI classes can connect to receive signals from the fault server,
also fix the "mark seen" regression
* browser.py: restore mark_seen timeout
* Tue Aug 22 2006 Dan Walsh <dwalsh at redhat.com> - 0.33-1
- Spell check plugins
- fix dbus instantiation
* Tue Aug 22 2006 Dan Walsh <dwalsh at redhat.com> - 0.32-1
- Add avc_syslog to syslog translated avc message
- Fix submitbug button
- John Dennis Changes
* fix signature inflation, all data attached to a signature is now
encapsulated in a SEFaultSignatureInfo (siginfo) class. The GUI no
longer reaches into a signature looking for information, it looks
in the siginfo. The Plugin class now defines the method
get_signature() which report() calls to obtain the signature. The
default signature provided by the Plugin class includes the
analysisID, an AVC with just the src & target contexts, and the
object_path. All data accesses and parameters which had been "sig
and solution" are now done via the unified siginfo class. There is
still a bit more work to be done on this but this represents a
reasonble point to checkpoint the code in CVS.
* Tue Aug 22 2006 Dan Walsh <dwalsh at redhat.com> - 0.31-1
- Fix desktop
* Tue Aug 22 2006 John Dennis <jdennis at redhat.com> - 0.30-1
* fix bug #203479, missing requires of audit-libs-python
* add support to sealert to listen on a dbus session signal to display
the gui. This is needed for when the status icon is not visible and
the user wants to see the UI. There is now a seperate program
setroubleshoot_launch_gui which emits the signal.
* Tue Aug 22 2006 Dan Walsh <dwalsh at redhat.com> - 0.29-1
- Add Requires: audit-libs-python
- Add translations
* Mon Aug 21 2006 Dan Walsh <dwalsh at redhat.com> - 0.28-1
- Fix allow_execmem.py file
- Add translations
* Mon Aug 21 2006 John Dennis <jdennis at redhat.com> - 0.27-1
* load_plugins() now catches exceptions when a plugin won't load,
reports the traceback in the log file, and continues with the next
plugin. Previously a bad plugin caused the entire plugin loading
to abort and no plugins were loaded.
* Add "daemon_name" to automake variables, change pid file to match
* turn off "noreplace" on config file till things settle down a bit
* browser.py now validates data, also test for missing column data in the
cell_data function to avoid exceptions.
* add stub for analyzie_logfile() rpc call
* turn off balloon notifications by default in config file,
libnotify is just plain busted at this point :-(
* only the setroubleshootd daemon creates it's log file
under /var/log now, the user app's do it in /tmp, change file
permissions on /var/log/setroubleshoot back to 0644.
* sealert now looks up the username rather than hardcoding it to "foo"
* CamelCase to lowercase_underscore clean up
* Mon Aug 21 2006 Dan Walsh <dwalsh at redhat.com> - 0.26-1
- Zero out datbase.xml for updated browser
* Mon Aug 21 2006 Dan Walsh <dwalsh at redhat.com> - 0.25-1
- Fix 64 bit issue that caused runaway problem
* Sun Aug 20 2006 Dan Walsh <dwalsh at redhat.com> - 0.24-1
- add missing runcmd
* Thu Aug 17 2006 John Dennis <jdennis at redhat.com> - 0.23-1
* fix for bug #202206, require correct version of audit,
fixes for audit connection.
* Thu Aug 10 2006 Dan Walsh <dwalsh at redhat.com> - 0.20-1
* add html support
* remove setroubleshoot_dispatcher
* Tue Aug 8 2006 Dan Walsh <dwalsh at redhat.com> - 0.19-1
2006-08-08 Dan Walsh <dwalsh at redhat.com>
* Fix up handling of mls ranges in context
* Cleanup some pychecker errors
2006-08-07 John Dennis <jdennis at redhat.com>
* add first seen, last seen, and report count to alert detail view
* make the seen icon work, if the alert has been displayed more
than N seconds, mark the alert as having been seen by the user
and update the icon is the list view
* change the schema for the xml data; the database now has a version,
there is a local id attached to each signature, the filter list in
the siginfo was replaced by a list of per user data, the per user
data now contains the filter, seen_flag. Modify all the code which
was operating on the filter information to use the new model.
* fix the xml serialization so that booleans can be used as a basic
type and also so that non-string types can be used in element
attributes (e.g. int, bool) and the serialization code will
automatically convert between python types and strings.
* Mon Aug 7 2006 Dan Walsh <dwalsh at redhat.com> - 0.18-1
- Add dispatcher.py
* Sat Aug 5 2006 Dan Walsh <dwalsh at redhat.com> - 0.17-1
- John Dennis <jdennis at redhat.com>
* clean up and rework the timestamp code in util.py so that
time zones are handled properly, there were a number of bugs.
Hopefully it's correct now because timezone handling is a pain.
* change the time format in the browser so all times are displayed
identically, the friendly time relative format was hard to compare.
* modify the plugin 'make install' to delete all existing plugin's
prior to installing the new ones
* add popup menu to status icon to choose between browser and
alert GUI (not fully connected yet). Several bug fixes related
to changing the filter_type from a string to an int.
* add filter selection to bottom pane, change filter_type from
string to integer constant. Enhance how columns are handled.
Get init_combo_box to work. Remove unused RPM and Bugzilla
fields from bottom pane. Modify the default size of the browser
window. Fix missing import in util.py.
* add ability in broswer to sort on columns, initially the report
count column and the last seen date column. The date column now
stores a TimeStamp object instead of a string. Add new method
to TimeStamp to return a friendly string relative to the current
time. The date column in the browser now has a cell data function
which invokes the friendly format method of the TimeStamp object.
* add ability fo serialize to/from xml for classes which can
inititialized from strings and serialized as strings (e.g. numbers,
TimeStamps, etc.)
* add count of how many times a signature is reported, the date
when first and last reported, add columns for report count and
last date count to browser.
* checkpoint browser code, list pane and detail pane now working.
* add initial support for browser applet, move some functions which
kept getting reused to util.py
* add reporting of environment to email alert (email alerts still
need work)
- Dan Walsh <dwalsh at redhat.com>
* Fix disable_trans.py set_boolean call
* Complete all boolean plugins except disable
* Change interface to use audit unix domain socket
* Fri Jul 28 2006 Dan Walsh <dwalsh at redhat.com> - 0.16-1
- John Dennis <jdennis at redhat.com>
* modify SetFilter in server to return errors instead of
throwing an exception. Default the filter list on each alert display.
* minor tweaks to alert queue handling
* fix analyze() parameter list in ftp_is_daemon.py plugin
* sealert now responds to pending alerts more correctly, it shows
how many pending alerts are in the queue, if you filter the pending
alert status is updated, the next alert button will advance you
to the next alert in the queue
* simplify major pieces of sealert by coalescing common code
into subroutines.
- Dan Walsh <dwalsh at redhat.com>
* Complete all boolean plugins except disable
* Make Close button work.
* Make setroubleshoot_dispatcher exit if it gets an avc about itself
* Wed Jul 26 2006 Dan Walsh <dwalsh at redhat.com> - 0.15-1
- Karl MacMillan
* Add generic templating mechanism to Plugin
* Ported all plugins to use templating mechanism
* Sat Jul 22 2006 Dan Walsh <dwalsh at redhat.com> - 0.13-1
- Fixes to plugins
- Fixes to dispatcher
* Fri Jul 21 2006 Dan Walsh <dwalsh at redhat.com> - 0.12-1
* Fix problem in dispatcher
* Fri Jul 21 2006 John Dennis <jdennis at redhat.com> - 0.11-1
* add email alerts
* stop the status icon from blinking, add notification balloon.
* Fri Jul 21 2006 Dan Walsh <dwalsh at redhat.com> - 0.10-1
- Fix startup order for setrobleshoot
- Fix Plugins
* Thu Jul 20 2006 Dan Walsh <dwalsh at redhat.com> - 0.9-1
- Additional Plugins plus a lot of cleanup
* Wed Jul 19 2006 Dan Walsh <dwalsh at redhat.com> - 0.8-1
- Added a bunch more plugins
- From 2006-07-19 Karl MacMillan <kmacmill at localhost.localdomain>
- Add allow_cvs_read_shadow.py, allow_ftp_use_cifs, allow_ftp_use_nfs, and allow_gssd_read_tmp.
- Change AVC to have additional helpers for matching messages.
- Change Plugin to work better with more than one solution.
* Wed Jul 19 2006 Dan Walsh <dwalsh at redhat.com> - 0.7-1
- Fix setroubleshoot_dispatcher to catch all information from avc. Much cleaner interface and no longer uses audit2allow cruft.
- Remove toolbar from popup window since it did nothing, and I think it looks better without it.
- fix allow_execmod plugin to report better data.
* Mon Jun 26 2006 John Dennis <jdennis at redhat.com> - 0.3-1
- add missing /var/log directory %files section in spec file, and add
logrotate script
* Mon Jun 26 2006 John Dennis <jdennis at redhat.com> - 0.2-1
- clean up spec file, reduce rpmlint complaints
* Fri May 19 2006 John Dennis <jdennis at redhat.com> - 0.1-1
- Initial build.
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/6/
297e8aa0b9812cb895c6272c4fb34c1d6656a112 SRPMS/setroubleshoot-1.6-2.fc6.src.rpm
297e8aa0b9812cb895c6272c4fb34c1d6656a112 noarch/setroubleshoot-1.6-2.fc6.src.rpm
5c8cbdc391b6c56fe679a4ebe60218a26611185c ppc/setroubleshoot-1.6-2.fc6.noarch.rpm
5c8cbdc391b6c56fe679a4ebe60218a26611185c x86_64/setroubleshoot-1.6-2.fc6.noarch.rpm
5c8cbdc391b6c56fe679a4ebe60218a26611185c i386/setroubleshoot-1.6-2.fc6.noarch.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the fedora-test-list
mailing list