[sos-devel] plugins/selinux fixfiles options doesn't work as intended
John Haxby
john.haxby at oracle.com
Tue Jan 13 14:22:22 UTC 2015
Hello All,
I was investigating selinux-related problems remotely and thought, ah,
I remember, sosreport has a fixfiles option for the selinux plugin:
sosreport -o selinux -kselinux.fixfiles
Imagine my disappointment when the fixfiles output in the sosreport
contained one single and not especially useful line:
Checking / /boot /dev /dev/hugepages /dev/mqueue /dev/pts /dev/shm /home /run /sys /sys/fs/cgroup
If you run sosreport like that what you'll see is a million and one
lines warning you that a lot of files don't have a default selinux
context and, if you keep your eyes peeled, you'll see some lines
reporting the wrong context for some files.
The fixfiles script doesn't work the way sosreport expects. Fixfiles
writes everything to a log file which, by default, is /dev/tty or
/dev/null if there is no tty. The following patch, which I hope you
will find useful, replaces "fixfiles check -v" with "restorecon -Rvn
2>/dev/null". For the purposes of sosreport, I don't believe the
warnings about no default context for a lot of files are useful which
is why stderr is discarded.
jch
More information about the sos-devel
mailing list