Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 226999 - logwatch audit script exits prematurely with SELinux enabled
Summary: logwatch audit script exits prematurely with SELinux enabled
Alias: None
Product: Fedora
Classification: Fedora
Component: logwatch
Version: 6
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Ivana Varekova
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2007-02-02 15:57 UTC by Ted Rule
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2007-02-05 09:21:18 UTC

Attachments (Terms of Use)

Description Ted Rule 2007-02-02 15:57:05 UTC
Description of problem:

The combination of strict enforcing SELinux policy and this line in 

exit(0) unless -d '/selinux';

means that no log summary is produced for the "audit" service by

Because this line in /usr/share/logwatch/default.conf/services/audit.conf

*OnlyService = (kernel:)?\s*audit.*

filters out any non-audit log messages from the "pipe" into the service script,
it is effectively passed a null-length pipe if SELinux is not running anyway.
Hence the simplest fix is simply to remove the test for visibility of /selinux
in the logwatch service script, and avoid any further change to SELinux policy.

Version-Release number of selected component (if applicable):

logwatch-7.3-7.fc6 and selinux-policy-strict-2.4.6-27.fc6

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:

Comment 1 Ivana Varekova 2007-02-05 09:21:18 UTC
fixed in logwatch-7.3.2-6.fc7.

Note You need to log in before you can comment on or make changes to this bug.