- Rename session bus name to org.fedoraproject.sealert
- seapplet: wrap SEApplet() to try except
- util.py: Add doctext test for build_module_type_cache()
- Update translations
- Add a screen reader label to the icon
- seapplet: avoid ValueError when parsing sealert.conf
- doc: Document performance related changes
- Decrease setroubleshootd priority and limit RAM utilization to 1GB
- Use setup from setuptools
- Use `pip install` instead of `setup.py install`
- Miscellaneous python and build system changes
- Fix couple of typos
- Drop Python2 support
- Use inspect.signature() instead of instead.getargspec()
- Update translations
A system which uses rpm ostree doesn't install rpms but images which are
pre-created in a build system. There's no guarantee that the build
system has the same uid/gid mapping for setroubleshoot as the local system.
systemd-tmpfiles's 'Z' type recursivelly sets the user and group
ownership on every reboot.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2012943
Previously the alarm was reset only in main DBUS thread and only when a new AVC
appeared. In cases when there were several AVC messages in short time, analyses
could take more than a default timeout and later analyses were not saved to
the database. Now we cancel pending timeouts before analyze_avc() and reset the
timeout back to default when it's done.
Fixes:
$ journalctl | grep 'sealert -l'
setroubleshoot[314039]: SELinux is preventing bash from search access on the directory .local. For complete SELinux messages run: sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a
$ sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a
Error
query_alerts error (1003): id (ccf3307a-f4ab-4584-87c6-63884daf841a) not found
- browser: Check return value of Gdk.Screen().get_default()
- Improve and unify error messages
- setroubleshoot.util: Catch exceptions from sepolicy import
- Add dpkg support
- Do not refer to hardcoded selinux-policy rpm in signature
- Make date/time format locale specific
- Improve speed of plugin evaluation
- Update "missing" scripts to automake-1.15
- Add active polling for acquiring policy file
- Fix translation of hex values in AVCs
- require initscripts to ensure that "service" call works properly
- Add man page for seapplet
- setroubleshoot-server: only require gobject-base
When only the server is being installed, there is no need for the
cairo portions of gobject. This change avoids pulling in the X11
stack.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
