setroubleshoot-3.3.35-2

- audit_data: include syslog when needed Resolves: RHEL-39978
2025-07-01 14:31:59 +02:00 · 2025-07-01 14:31:59 +02:00 · 0c5eceac1a
commit 0c5eceac1a
parent 7da6e1e43b
2 changed files with 48 additions and 1 deletions
--- a/0001-audit_data-include-syslog-when-needed.patch
+++ b/0001-audit_data-include-syslog-when-needed.patch
@ -0,0 +1,43 @@
 From c36a476e64bc695c439ffa691533b395977b6369 Mon Sep 17 00:00:00 2001
 From: Vit Mojzis <vmojzis@redhat.com>
 Date: Mon, 30 Jun 2025 18:04:55 +0200
 Subject: [PATCH] audit_data: include syslog when needed
 Fixes:
  setroubleshoot[5450]: Unable to process audit event: cannot access local variable 'syslog' where it is not associated with a value
  setroubleshoot[5450]: Traceback (most recent call last):
  setroubleshoot[5450]:   File "/usr/lib/python3.12/site-packages/setroubleshoot/audit_data.py", line 1106, in compute_avcs
  setroubleshoot[5450]:     avcs.append(AVC(audit_event, record))
  setroubleshoot[5450]:                 ^^^^^^^^^^^^^^^^^^^^^^^^
  setroubleshoot[5450]:   File "/usr/lib/python3.12/site-packages/setroubleshoot/audit_data.py", line 675, in __init__
  setroubleshoot[5450]:     self.derive_avc_info_from_audit_event(avc_record)
  setroubleshoot[5450]:   File "/usr/lib/python3.12/site-packages/setroubleshoot/audit_data.py", line 1021, in derive_avc_info_from_audit_event
  setroubleshoot[5450]:     raise AVCError(_("%s \n**** Recorded AVC is allowed in current policy ****\n") % self.avc_record)
  setroubleshoot[5450]: setroubleshoot.audit_data.AVCError: node=mmalik-1mt-centos-stream-10-10625-2024-06-03-07-41 type=AVC msg=audit(1717400917.313:578): avc:  >
  setroubleshoot[5450]:
  setroubleshoot[5450]: **** Recorded AVC is allowed in current policy ****
  setroubleshoot[5450]: During handling of the above exception, another exception occurred:
  setroubleshoot[5450]: Traceback (most recent call last):
  setroubleshoot[5450]:   File "/usr/lib/python3.12/site-packages/setroubleshoot/audit_data.py", line 1108, in compute_avcs
  setroubleshoot[5450]:     syslog.syslog(syslog.LOG_ERR, "%s" % e)
  setroubleshoot[5450]:     ^^^^^^
  setroubleshoot[5450]: UnboundLocalError: cannot access local variable 'syslog' where it is not associated with a value
 ---
 src/setroubleshoot/audit_data.py | 1 +
 1 file changed, 1 insertion(+)
 diff --git a/src/setroubleshoot/audit_data.py b/src/setroubleshoot/audit_data.py
 index de2b0f1..409492a 100644
 --- a/src/setroubleshoot/audit_data.py
 +++ b/src/setroubleshoot/audit_data.py
@@ -1105,6 +1105,7 @@ def compute_avcs(audit_event):
                 try:
                     avcs.append(AVC(audit_event, record))
                 except AVCError as e:
 +                    import syslog
                     syslog.syslog(syslog.LOG_ERR, "%s" % e)
     except Exception as e:
         import syslog
 -- 
 2.49.0
--- a/setroubleshoot.spec
+++ b/setroubleshoot.spec
@ -4,7 +4,7 @@
 Summary: Helps troubleshoot SELinux problems
 Name: setroubleshoot
 Version: 3.3.35
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPL-2.0-or-later
 URL: https://gitlab.com/setroubleshoot/setroubleshoot
 Source0: https://gitlab.com/setroubleshoot/setroubleshoot/-/archive/%{version}/setroubleshoot-%{version}.tar.gz
@ -12,6 +12,7 @@ Source1: %{name}.tmpfiles
 Source2: %{name}.sysusers
 # git format-patch -N 3.3.35
 # i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
 Patch0001: 0001-audit_data-include-syslog-when-needed.patch
 BuildRequires: gcc
 BuildRequires: make
 BuildRequires: libcap-ng-devel
@ -192,6 +193,9 @@ to user preference. The same tools can be run on existing log files.
 %doc AUTHORS COPYING ChangeLog DBUS.md NEWS README TODO
 %changelog
 * Tue Jul 01 2025 Vit Mojzis <vmojzis@redhat.com> - 3.3.35-2
 - audit_data: include syslog when needed (RHEL-39978)
 * Thu Mar 13 2025 Petr Lautrbach <lautrbach@redhat.com> - 3.3.35-1
 - Update tmpfiles.d config (bz#2346971)
 - Do not hardcode /var/lib/selinux as store_root