Your message dated Wed, 14 Oct 2009 10:22:40 +0000
with message-id <[email protected]>
and subject line Bug#503252: fixed in sepolgen 1.0.17-3
has caused the Debian Bug report #503252,
regarding policycoreutils: audit2allow -l doesn't work
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
503252: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=503252
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: policycoreutils
Version: 2.0.49-6
Severity: normal
If you don't have auditd running and you run the following command you
should expect no output:
load_policy ; dmesg|audit2allow -l
But it doesn't happen, it seems that the -l option doesn't work when
taking input from dmesg.
--- End Message ---
--- Begin Message ---
Source: sepolgen
Source-Version: 1.0.17-3
We believe that the bug you reported is fixed in the latest version of
sepolgen, which is due to be installed in the Debian FTP archive:
python-sepolgen_1.0.17-3_all.deb
to pool/main/s/sepolgen/python-sepolgen_1.0.17-3_all.deb
sepolgen_1.0.17-3.diff.gz
to pool/main/s/sepolgen/sepolgen_1.0.17-3.diff.gz
sepolgen_1.0.17-3.dsc
to pool/main/s/sepolgen/sepolgen_1.0.17-3.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Manoj Srivastava <[email protected]> (supplier of updated sepolgen package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Format: 1.8
Date: Wed, 14 Oct 2009 02:42:59 -0500
Source: sepolgen
Binary: python-sepolgen
Architecture: source all
Version: 1.0.17-3
Distribution: unstable
Urgency: low
Maintainer: Russell Coker <[email protected]>
Changed-By: Manoj Srivastava <[email protected]>
Description:
python-sepolgen - A Python module used in SELinux policy generation
Closes: 503252
Changes:
sepolgen (1.0.17-3) unstable; urgency=low
.
* [a1816e2]: [topic--audit-msg-fix]: fix detection of policy loads
Originally audit2allow used the avc: allowed message generated by
auditallow statement for load_policy to identify policy reloads.
Later it was switched to use the MAC_POLICY_LOAD events generated by
the audit framework. Those events should still get logged via printk
if auditd is not running, but it appears that the code
(audit_printk_skb) will then log the type= field as an integer
rather than a string, and audit2allow/sepolgen only looks for the
string MAC_POLICY_LOAD. So I suspect that this would be resolved by
modifying sepolgen/audit.py to also match on type=1403 for load
messages.
Bug fix: "audit2allow -l doesn't work", thanks to Russell Coker
(Closes: #503252).
Checksums-Sha1:
672f4cdf43578efbbe451cee5648b064efb2a4b9 1201 sepolgen_1.0.17-3.dsc
3e8b4f6db064faf261a53418228089d56d70c491 22008 sepolgen_1.0.17-3.diff.gz
f0c5fd463660857c831f439b38873e80f509c4f9 76292 python-sepolgen_1.0.17-3_all.deb
Checksums-Sha256:
93b391db4cc47984ca320b98415554083542bbdac76304b18f26bba5cf1d8b7c 1201
sepolgen_1.0.17-3.dsc
e15793189ac59dff37e9f116796eb86d3ddee0b1b82f852b484ea373fa016ddd 22008
sepolgen_1.0.17-3.diff.gz
582bc37d097338465d8e050802acd79476b0c0a1756847148755d829027e6eae 76292
python-sepolgen_1.0.17-3_all.deb
Files:
1f83cbcf2b943987b02be468671f997b 1201 python optional sepolgen_1.0.17-3.dsc
f1aebbde424d6f91a5fd65df63dd77e3 22008 python optional
sepolgen_1.0.17-3.diff.gz
e1edd87480f49d6b1c489e976508cd2c 76292 python optional
python-sepolgen_1.0.17-3_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14-svn0 (GNU/Linux)
iEYEAREDAAYFAkrVg8YACgkQIbrau78kQkzUUACg9qr7gvn3cqXiehFQa2YIpMWO
ihgAoI7n/zsNN0zYKiZ2pZoI4hz0W1wG
=HJJZ
-----END PGP SIGNATURE-----
--- End Message ---