Current File : //usr/share/doc/setroubleshoot-server/ChangeLog
2010-11-9 Dan Walsh <dwalsh@redhat.com>
- Add details button
- Fix deleteall
- Select plugin if only one
2010-11-2 Dan Walsh <dwalsh@redhat.com>
- Fix handling delete all
- Fix fix it button
- Make ignore button work.
2010-10-20 Dan Walsh <dwalsh@redhat.com>
- Make enable/disable seapplet work
- Fix display of icons
2010-10-20 Dan Walsh <dwalsh@redhat.com>
- Redesign of plugins and setroubleshoot
2010-07-22 Dan Walsh <dwalsh@redhat.com>
Fix os.exists call in setroubleshoot
2010-07-13 Dan Walsh <dwalsh@redhat.com>
- Update po
- Use -s flag in python to prevent using user site directory
2010-06-22 Dan Walsh <dwalsh@redhat.com>
- Patch to fix rpm version of policy
2010-06-16 Dan Walsh <dwalsh@redhat.com>
- Fix crash on avc messages that analysis finds faulty
2010-05-20 Dan Walsh <dwalsh@redhat.com>
- Fix permission on icons
- Add man pages for setroubleshoot and sedispatch
- Fix desktop file
2010-05-14 Dan Walsh <dwalsh@redhat.com>
- Fix crash on bad current_alert entry
2010-05-12 Dan Walsh <dwalsh@redhat.com>
- Remove Fedora log from bug report window
2010-05-11 Dan Walsh <dwalsh@redhat.com>
- Fix crash when new policy is available.
2010-05-6 Dan Walsh <dwalsh@redhat.com>
- Check if update program exists before asking if updates should happen
2010-05-6 Dan Walsh <dwalsh@redhat.com>
- Fix Changed icons
- Update po
2010-05-5 Dan Walsh <dwalsh@redhat.com>
- Change icons
2010-04-28 Dan Walsh <dwalsh@redhat.com>
- Fix man page to document sealert -f
- Update po
2010-04-26 Dan Walsh <dwalsh@redhat.com>
- Fix report_button handling
- Update po
2010-04-21 Dan Walsh <dwalsh@redhat.com>
- Fix Exception handling
2010-04-20 Dan Walsh <dwalsh@redhat.com>
- Fix translations by turning on glade domain
2010-04-18 Dan Walsh <dwalsh@redhat.com>
- Correct audit_data to output AVC data correctly on failures
2010-04-16 Dan Walsh <dwalsh@redhat.com>
- Change setroubleshoot to handle strings with nulls in them like abstract sockets
2010-04-08 Dan Walsh <dwalsh@redhat.com>
- Change setroubleshoot translations in the system default language
2010-03-29 Dan Walsh <dwalsh@redhat.com>
- Fix handling of current_alert list
- Fix handling of "/" devices
2010-03-10 Dan Walsh <dwalsh@redhat.com>
- Add white so plugins can tell system to ignore avc
2010-03-10 Dan Walsh <dwalsh@redhat.com>
- Allow dbus introspection
- Update po
2010-03-8 Dan Walsh <dwalsh@redhat.com>
- Fix browser to handle ignore flag
- Remove tpath for signature
- Fix audit2why handling for sealert and setroubleshoot
- Fix sort order selection
- Fix dontnotify handling
2010-03-5 Dan Walsh <dwalsh@redhat.com>
- Update po
2010-02-22 Dan Walsh <dwalsh@redhat.com>
- Make sure sealert current alert still exists when exiting
2010-02-14 Dan Walsh <dwalsh@redhat.com>
- Fix seapplet infinite loop from Tim Eliseo
2010-02-4 Dan Walsh <dwalsh@redhat.com>
- Fix ignore messages to now show up on seapplet start
2010-02-2 Dan Walsh <dwalsh@redhat.com>
- Remove packagekit dependency
2010-01-25 Dan Walsh <dwalsh@redhat.com>
- Move to use report patch from Gavin Romig-Koch
2010-01-25 Dan Walsh <dwalsh@redhat.com>
- Remove Alert - of - when no alerts present
- Remove selinux-policy from bugzilla white list check
2010-01-22 Dan Walsh <dwalsh@redhat.com>
- Remove attach bugzilla code
2010-01-20 Dan Walsh <dwalsh@redhat.com>
- Fix remember bugzilla password
2010-01-19 Dan Walsh <dwalsh@redhat.com>
- Remove send_interface from Setroubleshootd.conf
2010-01-13 Dan Walsh <dwalsh@redhat.com>
- Fix up default_encoding an translations
2009-12-5 Dan Walsh <dwalsh@redhat.com>
- Fix wording in bug report window
2009-12-3 Dan Walsh <dwalsh@redhat.com>
- Add delete button
- Fix ignore button
2009-11-30 Dan Walsh <dwalsh@redhat.com>
- Exit with non zero if run sealert as root
- Don't crash on analyzing empty files
2009-11-19 Dan Walsh <dwalsh@redhat.com>
- Fix Crash when ino is not defined
2009-11-18 Dan Walsh <dwalsh@redhat.com>
- Fix bug in semanage fcontext lines to substitute "." for " " in path
- Update po
2009-11-16 Dan Walsh <dwalsh@redhat.com>
- Fix semanage fcontext lines to substitute "." for " " in path
- Update po
2009-11-10 Dan Walsh <dwalsh@redhat.com>
- Fix bugzilla reporting to work on RHEL6
2009-11-2 Dan Walsh <dwalsh@redhat.com>
- Get version correct for both RHEL and Fedora
2009-10-29 Dan Walsh <dwalsh@redhat.com>
- Fix import gettext line
2009-10-26 Dan Walsh <dwalsh@redhat.com>
- Catch LoadError on Bugzilla reporting
2009-10-15 Dan Walsh <dwalsh@redhat.com>
- Change Browser to handle delete all and button when 0 alerts, 1
alert multiple alerts
- Add setroubleshoot icon
2009-10-13 Dan Walsh <dwalsh@redhat.com>
- Catch additional bugzilla exception
2009-10-8 Dan Walsh <dwalsh@redhat.com>
- Fix app to show starting windows
2009-10-7 Dan Walsh <dwalsh@redhat.com>
- Don't throw up error box if yum cache does not exist
2009-10-5 Dan Walsh <dwalsh@redhat.com>
- Fix fix_me button
- Remove Setroubleshoot: from every description
2009-10-1 Dan Walsh <dwalsh@redhat.com>
- Update Po
- Fix plural form
- Add support for Green Plugins
2009-9-26 Dan Walsh <dwalsh@redhat.com>
- Add source to the hash
- Suck in glade translations
2009-9-25 Dan Walsh <dwalsh@redhat.com>
- Fix browser handling bug reporting
2009-9-24 Dan Walsh <dwalsh@redhat.com>
- Patch for better internationalization
2009-9-22 Dan Walsh <dwalsh@redhat.com>
- Fix browser to be easier to translate
2009-9-17 Dan Walsh <dwalsh@redhat.com>
- Fix Browser Crash
2009-9-11 Dan Walsh <dwalsh@redhat.com>
- Fix permissive domain check
2009-9-10 Dan Walsh <dwalsh@redhat.com>
- Close leaked file descriptors
2009-9-9 Dan Walsh <dwalsh@redhat.com>
- Handle yum repo errors
2009-9-1 Dan Walsh <dwalsh@redhat.com>
- Fix to return class if the file is a pipe or socket
2009-8-31 Dan Walsh <dwalsh@redhat.com>
- Fix permissive message again
- Fix setroubleshootfixit
2009-8-26 Dan Walsh <dwalsh@redhat.com>
- Fix permissive message
2009-8-22 Dan Walsh <dwalsh@redhat.com>
- Change permissive message to differentiate between permissive mode
and permissive domain
2009-8-19 Thomas Liu <tliu@redhat.com>
- Minor GUI fixes.
2009-8-18 Thomas Liu <tliu@redhat.com>
- Added check for new policy.
2009-8-18 Dan Walsh <dwalsh@redhat.com>
- Default self.syscall to None
2009-7-29 Dan Walsh <dwalsh@redhat.com>
- Add Steve Grubs patch to drop capabilities on sedispatch
2009-7-27 Thomas Liu <tliu@redhat.com>
- Added logic to get the path when the name provided by the avc is "/"
2009-7-21 Dan Walsh <dwalsh@redhat.com>
- Added allowed_target_types into audit_data.py
2009-7-15 Dan Walsh <dwalsh@redhat.com>
- Fix handling of syscall record a1 field
- Translate "/" to mountpoint when returned by kernel
2009-7-07 Thomas Liu <tliu@redhat.com>
- Fixed detail doc not clearing when deleting all alerts
- Hid notify check when deleting all alerts.
2009-7-01 Dan Walsh <dwalsh@redhat.com>
- locate should use os.lstat instead of os.stat
2009-7-01 Thomas Liu <tliu@redhat.com>
- Fixed browser behavior when there are no alerts
- Fixed seapplet behavior when there are no alerts
- Made delete all button delete alerts on server side and on local side.
2009-6-29 Dan Walsh <dwalsh@redhat.com>
- Add open access to audit_data.py define statements
2009-6-25 Thomas Liu <tliu@redhat.com>
- Added bug status when you submit an already open bug
- Bug report now saves your password each session
2009-6-25 Thomas Liu <tliu@redhat.com>
- Added a "Copy to Clipboard" button to the browser GUI.
2009-6-22 Thomas Liu <tliu@redhat.com>
- Fixed avc.open_with_write()
2009-6-22 Thomas Liu <tliu@redhat.com>
- Fixed bug with reading the version that would cause rawhide users to not
be able to submit a bug and not get any feedback.
- Added avc.open_with_write()
2009-6-22 Thomas Liu <tliu@redhat.com>
Fixed submit bug not changing the pointer back after an error.
2009-6-22 Thomas Liu <tliu@redhat.com>
Fixed a few things with the success dialog
2009-6-22 Thomas Liu <tliu@redhat.com>
Fixed write of last bug to .setroubleshoot
2009-6-18 Thomas Liu <tliu@redhat.com>
Bug fixes to GUI, added Delete All Alerts menu item.
2009-6-16 Thomas Liu <tliu@redhat.com> Dan Walsh <dwalsh@redhat.com>
Major Rewrite of Browser code
2009-6-12 Dan Walsh <dwalsh@redhat.com>
Fix mlocate bug
2009-6-5 Dan Walsh <dwalsh@redhat.com>
Add mlocate functionality to figure out the path if we don't get full info from kernel
added by Thomas Liu
2009-6-3 Dan Walsh <dwalsh@redhat.com>
Fix handling of path
2009-5-21 Dan Walsh <dwalsh@redhat.com>
Fix profile collection exception
2009-5-6 Dan Walsh <dwalsh@redhat.com>
Fix setroubleshootd exiting after 10 seconds
2009-4-6 Dan Walsh <dwalsh@redhat.com>
Allow multiple signatures on lookup, return first match
2009-4-3 Dan Walsh <dwalsh@redhat.com>
Stop sending avc messages concerning setroubleshootd
2009-2-27 Dan Walsh <dwalsh@redhat.com>
Stop sedispatch logging on shutdown
2009-2-11 Dan Walsh <dwalsh@redhat.com>
# Save database on exit
2009-2-10 Dan Walsh <dwalsh@redhat.com>
# make sure setroubleshoot is running when using sealert -l
2009-2-10 Dan Walsh <dwalsh@redhat.com>
- sedispatch needs to connect to dbus on avc arrival,
instead of startup, since the dbus daemon is not started
when sedispatch starts
2009-1-21 Dan Walsh <dwalsh@redhat.com>
- Bugfixes and missing dbus files
2009-1-16 Dan Walsh <dwalsh@redhat.com>
- Change use dbus messaging from audit->audisp->sedisp->setroubleshoot
2008-12-11 Dan Walsh <dwalsh@redhat.com>
- Change to using C Based Applet
2008-10-06 Dan Walsh <dwalsh@redhat.com>
- remove .png from desktop files
2008-09-22 <jdennis@redhat.com>
- Fix pruning code
- Fix time stamps
2008-09-10 Dan Walsh <dwalsh@redhat.com>
- Fix numerous problems from previous changes
2008-09-09 Dan Walsh <dwalsh@redhat.com>
- Fix spelling mistakes, update-po
2008-02-08 John Dennis <jdennis@redhat.com>
- add dialog to run a command in the background, capture it's stdout & stderr
report it's status, kill it, and pass it a pseudo terminal for password prompts
- separate the fix command into it's own section in formatted alerts
- add UI for running the fix command, enable only if there is a single selection
and the selected alert has a fix command
- add a config parameters 'run_fix_cmd_enable' to control if fix commands
can be run, defaults to False
2008-02-07 <jdennis@redhat.com>
- Resolve bug #431380: prevent notify popups while setroubleshoot is open
2008-02-06 John Dennis <jdennis@redhat.com>
- allow sealert -l lookup to accept * wildcard
- add a few more audit fields needing special decode handling
2008-01-31 <jdennis@redhat.com>
- Resolve bug #416351: setroubleshoot does not escape regex chars in suggested cmds
- Resolve bug #430421: audit_listener_database.xml:3029: parser error in xmlParseDoc()
rewrite the audit_msg_decode logic to beaware of specific audit fields
- add new template substitution $SOURCE, a friendly name, $SOURCE_PATH still exists
and is the full path name of $SOURCE, also add 'source' attribute in AVC class,
fix how source and source_path are computed from audit's comm and exe fields
- fix the computation of tpath to also look at the audit name field, formerly
it had only been looking at path, fixes <Unknown> showing up for many targets
- add exception handling around xml file writes (Alan Cox reports problem when /var is full)
- add testing documentation
2008-01-30 <jdennis@redhat.com>
- Resolve bug #430845: obsolete URL in setroubleshoot package description
2008-01-16 John Dennis <jdennis@redhat.com>
- Resolve bug #428960: Permissive message makes no sense.
2008-01-15 John Dennis <jdennis@redhat.com>
- init script now allows extra test options
- show_browser() now opens and raises the window (e.g. presents) rather than just
assuring it's realized (e.g. iconified, or hidden)
- sealert -l message in syslog converts from html before writing to syslog
2008-01-14 <jdennis@redhat.com>
- Resolve bug #320881: export setroubleshoot_selinux_symposium in PDF format
- add code to verify all async rpc's have been cleared from the async rpc cache
- add code to set a default rpc method return if the interface does not define a callback
(methods which did not have a callback were not returning anything and hence were not
getting cleared from the cache)
2008-01-09 <jdennis@redhat.com>
- Resolve bug #428252: Problem with update/remove old version
- Add code to validate xml database version, if file is incompatible it is not read,
the next time the database is written it will be in the new version format.
This means the database contents are not preserved across database version upgrades.
- Remove postun trigger from spec file used to clear database between incompatible versions
the new database version check during database read will handle this instead
- bullet proof exit status in init script and rpm scriptlets
2008-01-09 <jdennis@redhat.com>
- Resolve bug #247302: setroubleshoot's autostart .desktop file fails to start under a KDE session
- Resolve bug #376041: Cannot check setroubleshoot service status as non-root
- Resolve bug #332281: remove obsolete translation
- Resolve bug #344331: No description in gnome-session-properties
- Resolve bug #358581: missing libuser-python dependency
- Resolve bug #426586: Renaming translation po file from sr@Latn to sr@latin
- Resolve bug #427260: German Translation
2008-01-08 <jdennis@redhat.com>
- improve test_setroubleshootd
read commands from stdin (send, send all, send next, send fileglob, list, quit)
permit comments in log files
permit processing directives in log files
allow multiple client connections
better messages
simpler invocation, improve command line args
2008-01-07 John Dennis <jdennis@redhat.com>
- enhance the sealert man page, also move it from the framework src
directory to the framework/doc directory
2008-01-04 <jdennis@redhat.com>
- make connection error message persist instead of timeout in browser
- updated Brazilian Portuguese translation: Igor Pires Soares <igor@fedoraproject.org>
- implement uid,username checks
- rpc methods now check for authenticated state
- fix html handling of summary string
- add 'named' messages to status bar, make sure all messages either timeout or are named
- fix ordering of menus, resolves bug #427418
- add 'hide quiet' to browser view filtering, resolves bug #427421
- tweak siginfo text formatting
- add logon to SECommandLine so that sealert -l <local_id> works
2007-12-28 <jdennis@redhat.com>
- Completed most work for version 2 of setroubleshoot, prepare for test release
2007-12-28 <jdennis@redhat.com>
- import Dan's changes from the mainline
primarily allow_postfix_local_write_mail_spool plugin
2007-12-27 <jdennis@redhat.com>
- escape html, fix siginfo.format_html(), siginfo.format_text()
- add async-error signal
- change identity to just username
- make sure set_filter user validation works and reports error in browser
- fix generation of line numbers and host when connected to audispd
- add permissive notification, resolves bug #231334: Wording doesn't change for permissive mode
- resolves bug #244345: avc path information incomplete
2007-12-22 <jdennis@redhat.com>
- get the uid,gid when a client connects to the server
- set_filter now verifies the filter is owned by the user,
- resolves bug #288261: setroubleshoot lack of user authentication
- remove filter options which weren't being used
- change '@' in audit data hostname to '.'
- remove restart dialog
resolves bug #321171: sealert's dialog after update is higly confusing
2007-12-21 <jdennis@redhat.com>
- browser works
- fix rpc xml arg
- fix handling of host value
- tweak what fields are in signature
2007-12-21 <jdennis@redhat.com>
- move data items which had been in 'avc' object into siginfo
- clean up siginfo format
2007-12-21 <jdennis@redhat.com>
- large parts of new audit data pipeline working, checkpoint
- fix duplicate xml nodes when generating xml tree
2007-12-19 <jdennis@redhat.com>
- audit event can now be xml serialized
2007-12-17 <jdennis@redhat.com>
- switch from using int's for audit record types to strings
- avoid conversion headaches and possibility of not being
able to convert a new unknown type
2007-12-14 <jdennis@redhat.com>
- add logic to allow XmlSerialize to be subclassed and init_from_xml_node to be overridden
- add support to xml serialize classes AuditEventID, AuditEvent, AuditRecord
2007-12-12 <jdennis@redhat.com>
- use metaclass for xml class init
- start adding xml support to audit data classes
2007-12-12 <jdennis@redhat.com>
- Use metaclass to wrap class init
2007-12-11 <jdennis@redhat.com>
- move xml serialization code from signature.py to xml_serialize.py
- simplify aspect of the serialization code
2007-12-10 <jdennis@redhat.com>
- add unstructured xml mapping, each xml element name has its content mapped to obj.name
2007-12-10 <jdennis@redhat.com>
- modify xml serialization to be driven by xml contents
- general clean up
2007-12-09 <jdennis@redhat.com>
- checkpoint conversion of serialization to use metaclasses
- clean up class/data specifications for XmlSerializable
2007-12-04 <jdennis@redhat.com>
- add support for client rpc testing
2007-Oct-18 <jdennis@redhat.com>
- add changelog entry
- add SubProcess class to setroubleshootd in preparation to
- run daemon as subprocess so we can gather results and
compare them to the expected data we sent
2007-Oct-17 <jdennis@redhat.com>
- rewrite all plugins to use new v2 audit data
2007-10-18 <jdennis@redhat.com>
- add SubProcess class to setroubleshootd in preparation to
run daemon as subprocess so we can gather results and
compare them to the expected data we sent
2007-10-16 <jdennis@redhat.com>
- add new test support: add config section 'test', add boolean 'analyze' to
config test section, add class TestPluginReportReceiver which is installed
if test.analyze is True, it prints analysis report. In test_setroubleshootd
send AUDIT_EOE to assure sequential event processing so analysis results
have same ordering as events that are sent by test_setroubleshootd
2007-10-03 <jdennis@redhat.com>
- alert signatures now include host information, alerts will be grouped by host
2007-10-02 <jdennis@redhat.com>
- Fix spec file requires for opening an HTML page
In configure.ac search for xdg-open and htmlview in priority order,
set variable html_browser_open to the one found, in spec file require
xdg-utils for fedora and htmlview for RHEL.
2007-10-01 John Dennis <jdennis@redhat.com>
- add "Host" column in browser
add "Toggle Column Visibility" menu to toggle display of any column on/off
2007-09-28 <jdennis@redhat.com>
- Resolves bug #310261: setroubleshoot notifications aren't throttled
- add support for AUDIT_EOE, end-of-event, if AUDIT_EOE immediately
emit cached event. Disable timeouts used to flush events if
AUDIT_EOE has been seen.
2007-09-24 John Dennis <jdennis@redhat.com>
- update code for command line log file scanning to work with
new log file scanning code introduced for the browser.
- update Bulgarian translation (Doncho N. Gunchev (gunchev@gmail.com))
- update Polish translation (Piotr Drąg (raven@pmail.pl))
2007-09-20 John Dennis <jdennis@redhat.com>
- Resolves bug #239893: sealert wakes up very often
This was caused by the use of threads and pygtk's thread signal
handling. The only use of threads in sealert was for log file
scanning so that the UI would remain responsive during a
scan. Threads in sealert have now been completely
removed. Instead the scanning work is performed in a gobject idle
function called from the main loop. The idle function is written
as a python generator function which allows for the function to
perform a small amount of work, save it's execution state and
return. The next time the idle function is called from the main
loop it resumes execution from it's last state until it decides
to yield control again. This way the long running scan/analysis
can be performed in small successive units of work during the
time the application is otherwise idle and it does not interfere
with the rest of the GUI event processing. Everything now occurs
in an event loop, think of it as the applications process/thread
scheduler whose event handlers execute time slices.
- rewrote parts of the audit input pipeline to use generators
instead of callbacks, thus permitting the logfile scanning code
to yield control with more granularity. Also updated
test_setroubleshootd and audisp_listen to use the new
generator/yield logic.
- rewrote the dialog used for scanning log files, progress bar
updates are now in the dialog, the scan can be terminated part
way through, errors from the scan are reported in pop-up dialog,
one can only dismiss the dialog with success if the scan had
been successfully run to completion, otherwise the user is only
left with the option to cancel.
2007-09-17 John Dennis <jdennis@redhat.com>
- Relates bug #252035 bug #247469, setroubleshootd and sealert should
exit if SELinux is disabled.
- add utility functions escape_html() and unescape_html()
- fix initial sort order in browser, track sort order in browser
2007-09-15 John Dennis <jdennis@redhat.com>
- modify AVC.get_path() to only return a value if the 'path' field is
set, formerly it also considered the fields 'name' & 'file' which were
incorrect. get_path() now also looks to see if the string begins with a
slash for a fully qualified path, if not it looks to see if its a
pseudo path such as 'pipe[12345]' or 'socket[12345]' and if so strips out
the instance information inside the brackets and returns just the type of
the pseudo path. This is done because we do not want path information
in the signature to be unique for each instance of the denial.
- modify the TimeStamp class to hide it's internal datetime member,
remove the cmp() method, the internal __cmp__ will be automatically invoked.
- require selinux policy version in spec file to allow system dbus use
- Resolves bug #256601: audit2allow generates incorrect syntax when comma "," in
denied list
- update po i18n files
2007-09-10 John Dennis <jdennis@redhat.com>
- Add support for pruning database by age and size
2007-09-08 John Dennis <jdennis@redhat.com>
- modify avc_audit.py to use new audit_data.py implementation
- can listen for audit events on either /var/run/audit_events
in bindary protocol mode or /var/run/audisp_events in
text protocol mode
2007-09-01 John Dennis <jdennis@redhat.com>
- remove all copied code from test_setroubleshootd, now we import
from setroubleshoot
- export ClientConnectionHandler from rpc.py as a base class.
Derive SetroubleshootdClientConnectionHandler and
AuditClientConnectionHandler from ClientConnectionHandler.
- add audisp_listen as test program
2007-08-31 John Dennis <jdennis@redhat.com>
- create setroubleshoot sym link in top devel directory pointing
to src so import setroubleshoot.foo if PYTHONPATH=topdir
- add get_option, convert_cfg_type to config.py.in so that one
can pass optional dict to override config file settings
- rewrite log_init() so it's easier for other programs to use it,
fix the import logic concering log & config
- remove log code from test_setroubleshoot, now just does import
from setroubleshoot.
- test_setroubleshootd can now handle audit records in both text
and binary formats, can be selected by command line arg. It can now
either output to clients connecting on a socket or to stdout. Can
now optionally exit after N socket client connections.
- remove non audit record lines from test data
- remove config_init() and log_init() from package __init__.py
It was the wrong place to call them, now call them when the
process initializes before the first setroubleshoot imports
2007-08-28 John Dennis <jdennis@redhat.com>
- add parse_config_setting() and set_config() to config module
- setroubleshootd now accepts -c --config command line arg
- test_sectroubleshoot: add err defines & program_error exception
add is_valid() tests to assure we read a valid audit record
log the unrecognized line if not valid, clean up socket close()
- Relates Bug #247056, update initscript to LSB standards
Note: LSB initscripts in Fedora is not yet a resolved issue,
the changes implemented were to add an LSB block and support
the new LSB try-restart and force-reload commands. However
the new /lib/lsb/init-functions are NOT currently used as this
is the unstable part.
2007-08-22 John Dennis <jdennis@redhat.com>
- wrap XML generation inside try/except
- correct how access list is obtained in avc_auparse.py
2007-08-21 John Dennis <jdennis@redhat.com>
- add try/except around top level of AnalyzeThread.run so exceptions
in the thread get reported and the analysis thread does not just die.
- also add try/except around LogfileThread.process_logfile
2007-08-21 John Dennis <jdennis@redhat.com>
- add new function assure_file_ownership_permissions()
- server now forces it's database file permissions/ownership to be 0600 root:root
- rpm now forces the server's database file permissions/ownership to be 0600 root:root
- Resolves Bug #251545: Review Request: setroubleshoot-plugins - analysis plugins for setroubleshoot
- clean up some other rpmlint warnings in setroubleshoot.spec
- fix missing install of setroubleshoot icon and sym link to it
2007-08-13 John Dennis <jdennis@redhat.com>
- Resolves Bug #251551, setroubleshoot shows up in in wrong desktop menu
also run desktop-file-install in rpm %install
2007-08-09 John Dennis <jdennis@redhat.com>
- add /etc/dbus-1/system.d/setroubleshootd.conf dbus configuration file
- Resolves Bug #250979, Bug #250932 Missing dependencies
- Restore plugins/Makefile.am which got nuked somehow
- remove dus.dbus_bindings.bus_name_has_owner(), deprecated as of F7
- wrap rpm transactions in try/except
2007-07-31 Dan Walsh <dwalsh@redhat.com>
- Added execute.py plugin
- Added test scripts and logs for testing
- Fixed up some plugins
2007-07-07 John Dennis <jdennis@redhat.com>
- Add dbus-send to %post in rpm spec file to signal sealert restart.
- Add requires for dbus to spec file
2007-07-06 John Dennis <jdennis@redhat.com>
- Resolves Bug #247207, g_thread_init() must be called before all
other GLib functions. Moved location of gobject.threads_init()
to right after import gobject and imported gobject first.
2007-07-06 John Dennis <jdennis@redhat.com>
- fix unintended recursion problem with restart command. It appears as
though dbus uses the same signal name space as does gobject, thus
because we had a dbus object implementing a 'restart' signal and that
same object emitted a 'restart' signal the emit() caused infinite
recursion, rename signal to 'restart_request'.
- remove all usage of icon file path, all icon usage now based on icon name
- restart dialog now has icon and title
2007-07-05 John Dennis <jdennis@redhat.com>
- add try/finally clauses around all code which needs to free
libxml2 data so that we never leak memory even if we get an
exception while processing libxml2 documents. The finally clause
assures clean up always occurs.
- add setroubleshootd DBUS system bus. This allows us to detect through
an out of band channel when setroubleshootd starts and stops running,
we no longer poll retry connection attempts to the daemon, this was
inefficient if the daemon was not enabled. Now we connect only when we
get a DBUS message saying the daemon is running.
- add 'restart' signal to the setroubleshootd DBUS. This allows a shell
script such as in RPM %post to signal sealert to restart. Remove the
previous code when would restart sealert if upon reconnect with the daemon
package version between sealert and setroubleshoot had changed, this was
subject to a race condition (the daemon might have been upgraded and restarted
with sealert upgraded next, but might sealert might restart while its python
files were in the process of being installed, hence the race).
2007-07-03 Dan Walsh <dwalsh@redhat.com>
- Cleanup of a couple of plugins
- inetd_bind should check for inetd_t
- Remove rhpl from other plugins
2007-06-30 John Dennis <jdennis@redhat.com>
- Resolves But #239362 Character encoding problem
Actually the entire detail view (rendered as HTML) had the wrong
encoding, since we did not explicitly set it to UTF-8 it defaulted to
the default HTML charset ISO-8859-1. We now include an HTML header in
the HTML document and set the meta http-equiv="Content-Type" in the
HTML document header to specify the UTF-8 charset.
2007-06-25 John Dennis <jdennis@redhat.com>
- Resolves Bug #244049 POTFILES.in references non-existent file
- Rebuild PO files
2007-06-12 John Dennis <jdennis@redhat.com>
- Resolves Bug# 241739, this bug is the lead bug for several bug reports,
all consequences of the same problem, setroubleshootd/sealert when run
in a non latin language environment because of incompatibilities in
i18n encoding between components.
2007-05-30 John Dennis <jdennis@redhat.com>
- add avc_auparse.py, now has option to use audit parsing library instead of
built-in audit parsing.
- Resolves Bug# 238516, python pkg directory not owned
2007-04-04 John Dennis <jdennis@redhat.com>
- add connection_state_change handler to AlertData object to monitor it's
database connection. Now AlertData is responsible for loading data when
the connection is established and for clearing it when the connection is
lost, as opposed to the browser object.
2007-04-03 John Dennis <jdennis@redhat.com>
- add set_properties() to AlertData class so properties-changed signal will be emitted
when it changes, call set_properties in the right places.
- fix bug in StatusMessageManger caused by modifying a list during iteration
- move set_visit_message from browser to status bar
- add "No Connection" to "Connect To" dialog, update code to handle no connection
- fix connection error messages
- move socket address creation out of Connect Dialog
- move 'default_port' from client & server config sections in config file (since
it's shared between them) into 'connection' config section
- add friendly_name to SocketAddress
2007-03-23 John Dennis <jdennis@redhat.com>
- add new ConnectionState class to better express and control the state
of socket connections, rework signal connections related connecton
state monitoring, enhance error reporting related to connections.
- add new Retry class to better handle attempts to retry failed connections,
especially add the ability to stop the attempts, the Retry class now emits
it's own signals. The Retry class has more flexibility as to notifications
of its operations.
- add SocketAddress class to better encapsulate connection information and
provide better logging of connection transactions.
- add "Connect To" menu item to browser which allows browser to disconnect from
current audit listener to reconnect to different audit listener on remote
system. Rework the code in sealert and browser related to mananaging connections.
2007-03-19 Dan Walsh <dwalsh@redhat.com>
- Remove disable_trans boolean
- Check for paths in filesystem before suggesting chcon -R
- Remove default to listen on local ports
2007-03-06 John Dennis <jdennis@redhat.com>
- remove noreplace option setroubleshoot.cfg in spec file, so config file
is always updated
- replace cfg global object with get_config(), which handles exceptions
and logs the error
- add get_hostname() utility
- add "listen" config option to local_fault_server
- add parse_socket_address_list() and get_server_listen_addresses()
- server now can listen on multiple addresses
2007-03-05 John Dennis <jdennis@redhat.com>
- install icon in /usr/share/icons, refer to icon by name using standard API
- Fix performance problems in setroubleshoot browser log file scanning
- Significant rewrite of data/view management code in setroubleshoot
browser. data and view now cleanly separated, can easily switch
between data views while maintaining selections, view state, with
proper update of status information in status area
- Resolves Bug# 227806: right click context menu resets selection
- Logfile scans now operate in independent thread, proper asynchronous
updates of browser during scan, browser used to appear to hang
- Resolves Bug# 224340: Rewrite Menu/Toobar/Popup to use UIManger instead of glade
- Add toobar support
- Implement GUI to edit email recipient list in setroubleshoot browser
- Added user help to setroubleshoot browser
- Related Bug# 224343: Fix setroubleshoot browser to respond to desktop theme changes
- improve traceback error reporting in sealert
- rewrite AboutDialog, replacing glade version
- Resolves bug #229849 Bug# 230115, Relates bug #221850: fix uuid code to resolve
'_uuid_generate_random' is not defined error
2007-02-09 John Dennis <jdennis@redhat.com>
- Resolves Bug# 227313 Processed: sealert -l doesn't show time
2007-02-9 Dan Walsh <dwalsh@redhat.com>
- Remove avc from Plugin.py, No longer exists
2007-02-7 Dan Walsh <dwalsh@redhat.com>
- Remove tempfile handling from util.py, seems to be causing lots of avc messages and the code is not used
2007-02-05 John Dennis <jdennis@redhat.com>
- Resolves: bug# 227160: setroubleshoot browser has typo in solution for
"SELinux is preventing xen (/usr/sbin/tapdisk) "search" to home (home_root_t)."
- fix "mark seen" update mechanism, was causing slow performance because
we were adding a timeout everytime any alert was updated.
2007-02-01 John Dennis <jdennis@redhat.com>
- Resolves: Bug# 224343 sealert's "Aditional Info:" text should be in white box
- Resolves: Bug# 224336 sealert should have GtkRadioButtons in menu View
2007-01-31 John Dennis <jdennis@redhat.com>
- Related: bug #224351
Rewrite parts of logging support to better support changing output
categories, output destinations. Now -v -V verbose works in sealert.
2007-01-26 Dan Walsh <dwalsh@redhat.com>
- Make setroubleshoot.logrotate correctly
2007-01-29 John Dennis <jdennis@redhat.com>
- Resolves bug# 225161, granted AVC's incorrectly identified as a denial
2007-01-24 John Dennis <jdennis@redhat.com>
- add alert count to status bar
2007-01-23 John Dennis <jdennis@redhat.com>
- add "Help" command to Help menu, opens web browser on wiki User FAQ
2007-01-26 Dan Walsh <dwalsh@redhat.com>
- add and cleanup plugins
- update po
2007-01-11 John Dennis <jdennis@redhat.com>
- Resolves: bug# 221850
plugin module loading was failing in python 2.5 with the message
"SystemError: Parent module 'plugins' not loaded". This is due to a
change in behavior between python 2.4 and 2.5, in python 2.4 the lack
of a parent module was silently ignored. The fix is to load
plugins.__init__ first.
2007-01-05 John Dennis <jdennis@redhat.com>
- change SETroubleshootDatabase so it is optional if it's backed
by a file, this fixes the problem of us littering temporary files
when scanning logfiles which does not require persistence.
- disable the view logfile menu item if no logfile has been opened
- fix redundant log messages for case where there is no log file and
the console flag is set. When there is no log file the logging
module opens a console stream, thus the console stream produced
by the console flag was redundant.
2007-01-04 John Dennis <jdennis@redhat.com>
- add username and password command line arguments
rework startup logic so that all command line args are processed
before we do any real work
2007-01-04 John Dennis <jdennis@redhat.com>
- rework the email preferences so that each email address can
have a filter type associated with it.
add a new filter_type "Ignore After First Alert" which filters
after the first alert has been delivered
2007-01-04 John Dennis <jdennis@redhat.com>
- add UI for setting the email addresses alerts are sent to.
Add menu item to edit email list, add email list dialog.
Remove 'recipient' config file entry, now list is stored
in separate file. Add rpc to query and set the email list,
the GUI calls this to get the current list from the server
and set it in the server, it is the server which reads and
writes the file. Add 'enable' flag to each email entry.
Modify how the server iterates over the email list when it
receives an alert. When marking an alert as having been sent
the username is the email address but with 'email:' prepended so
as not to collide with non-email filtering options for the same user.
2006-12-15 John Dennis <jdennis@redhat.com>
- Replace delete and expunge menu labels with something more intuitive
- add ability for browser to be restarted with identical window
position and state
- add pkg version and protocol version to logon handshake, test for
compatibility between clint and server, prompt for restart
- add non-modal restart dialog
- add dialog to display traceback if sealert faults with an uncaught
exception, try to limit invisible errors
- fix return args on rpc method
- add instance id to server
2006-14-09 Dan Walsh <dwalsh@redhat.com>
- Fix msg.decode('hex') to not translate digits
- More translations
2006-13-09 Dan Walsh <dwalsh@redhat.com>
- Fix more plugins
- Use regex in typeMatch code
2006-13-09 Dan Walsh <dwalsh@redhat.com>
- Use comm instead of exe if the exe is a shell, python or perl
- More translations
- Added tests and avc logs for plugin testing
2006-12-09 Dan Walsh <dwalsh@redhat.com>
- Change sealert to be able to be run without X-Windows display
- It can now be run from a Web Site
2006-12-08 John Dennis <jdennis@redhat.com>
- add pkg_version to config so client and server can cross check
if they are running the same installation.
2006-12-08 Dan Walsh <dwalsh@redhat.com>
- Change avc_audit.py to allow it to analyze /var/log/messages
2006-12-05 John Dennis <jdennis@redhat.com>
- fix bug in update_alert_view(), siginfo.get_user_data() failed sometimes
because failed to check for siginfo == None
- add right click menu in list view for common operations on alerts
2006-12-04 John Dennis <jdennis@redhat.com>
- Resolves: bug# 218150,
"If view is set to "hide delete" you cannot filter new entries"
Actually, the bug was toggle cell renderer was connected to the
base model instead of the model attached to the view, the sort
model, this meant the toggle was occurring on the wrong row if
the view was sorted differently than the base model.
- also fix, the server was not emitting a update message when either
the seen flag or the filter value was modified, discovered when
debugging bug# 218150, and fix redundant setting of the seen flag
when it's value had not actually changed.
- make default value of sealert log file be 'append' instead of
'write' because of the way sealert is launched, many times all
an invocation of sealert does is to emit a dbus message to an
already running copy of sealert, but in write mode each invocation
would truncate the log file, what really needs to happen is for the
log initialization code to detect if a copy of sealert is already
running or only init logging under certain launch modes.
2006-12-01 John Dennis <jdennis@redhat.com>
- fix bug, "could not convert path to a GtkTreePath" when database
is initially empty, caused by last_selected_row == None
2006-11-30 John Dennis <jdennis@redhat.com>
- Resolves: bug# 217961, sealert needs pygtk2-libglade
- more i18n translations
2006-11-29 John Dennis <jdennis@redhat.com>
- Resolves: bug# 217710, date representation did not respect locale,
at the same time remove old date formatting code, now cruft since we
can't use it because it was specific to US English.
- fix how selections are handled when rows are expunged.
2006-11-29 John Dennis <jdennis@redhat.com>
- add Copy to Edit menu, for copying selection from detail pane,
unfortunately gtkhtml2 widget does not preserve line breaks between
table rows.
2006-11-28 John Dennis <jdennis@redhat.com>
- Resolves: bug# 216936, bug# 215290, add 'Copy Alert' edit menu item
- clean up menu items, add tooltips
- fix printing so it will work with multiple alerts, force font to
monospace 10pt, display error dialog if printing fails.
- Resolves: bug# 216908, platform and raw audit messages were not
wrapped to fit on page.
- Related: bug# 216575, update i18n po files
- bump rev to 1.8
2006-11-28 John Dennis <jdennis@redhat.com>
- Resolves: bug# 216941, set default folder for save operation, also
set default filename
2006-11-27 John Dennis <jdennis@redhat.com>
- Resolves bug# 216327, add menu items "toggle hide deleted", "select
none". Add model filter to control visibility of alerts
- Resolves: bug# 214218, sealert with no command line arguments
induces startup as dbus service, this had been a regression.
2006-11-26 John Dennis <jdennis@redhat.com>
- Resolves: bug# 216327, rework how deletes are performed in
browser. Delete now marks each seleted siginfo with a delete flag,
expunge permanently deletes siginfo's marked for deletion, also add
undelete command, removed delete confirmation dialog. Modify how
text attributes in cell renderer are computed to allow for
strike-throughs of alerts marked for deletion.
- multiple alerts can now be selected, add select all command,
2006-11-22 John Dennis <jdennis@redhat.com>
- use new SELinux icon
2006-11-21 John Dennis <jdennis@redhat.com>
- fix missing alert interface in client
- add error reporting dialog, add error reporting for logfile
scanning
2006-11-21 Dan Walsh <dwalsh@redhat.com>
- Fix output of avc message to match audit.log
2006-11-20 John Dennis <jdennis@redhat.com>
- logfile scanning finally seems to work connected to browser
- Additional Information section of report now includes line
number information (if alert was generated from logfile)
- replace database update_callback() with notify interface, a more
generic solution more easily shared between components
- object implementing rpc method is now explicitly attached via
connect_rpc_interface() instead of walking the MRO chain with
magic exclusions. explicitly connecting is more flexible and
robust (no getting the wrong object by mistake)
- fix handling of return args in local rpc case
- fix signal connections between audit and logfile
- split databae and database_properties for audit and logfile
- fix initial connection state
- fix lookup_local_id
2006-11-15 John Dennis <jdennis@redhat.com>
- add more support for updating single rows in browser list view
rather than reloading everything
- correctly handle moving selection after a delete, lots of little
selection fixes.
- improve handling of ListStore model, nuke the kludgy pre-extended
rows
- signatures_updated() now works
2006-11-14 John Dennis <jdennis@redhat.com>
- Resolves: bug# 214218, sealert aborts if lang is not english, also
improve error handling, the actual error was not being trapped and
instead a subsequent error induced as a consequence was being
reported, which was a red herring, also fix redundant variable which
was used to hold the broswer window/widget instance.
- modify how changes to the database are propagated, database
object now takes an update callback. Now only the database is
responsible for reporting changes, previously it had been the
caller who modified the database and then had to also know what
type of update to signal. Modify the 'signatures_updated' family
of functions and signals to pass a upated type (add,delete,modify)
and an item identifier, currently the local id.
- signals to display the browser window now take an optional
argument to indicate what it should be displaying. This was added
for the case where the browser was visiting a logfile but the user
clicked on the alert notification icon, the browser should in this
instance always display the current alert, the user can use the
view menu to switch back to the logfile view after having viewed
the current alert.
- add timeout's to status messages
- tighten up the concept of 'visiting' in the browser, both in
data structure and methods, as well as status messages.
- make sure when the 'mark_seen' event triggers in the future it
is bound the database that generated it, not the currently viewed
database.
- fix some debug messages which were not inside 'if debug'
- move the signatures_updated signal to the database family of
objects.
2006-11-11 John Dennis <jdennis@redhat.com>
- modify the RPC call mechanism so that it is possible to call a
local object through the RPC API without it connecting to a remote
object. Thus users of the RPC API can be ignorant if the object
they are bound to is local or remote.
- split the RPC interface for the server into server specific
entry points and a new database interface. The new database
interface supports the browser binding to either a remote database
or a local instance created for logfile scanning.
- fix how timestamps are assigned, we used to just timestamp an
alert when it arrived from the audit system but now with logfile
scanning timestamps are embedded in the logfile messages so in
order to display the correct time an event occurred we needed to
pass the timestamp read in the logfile through the pipeline.
- create a thread in the browser for logfile scanning, perform the
analysis in the thread with the browser GUI bound to the threads
operation, display the scanning progress in the progress bar.
- introduce the notion in the broswer of "visiting" a database, at
the moment one is either vising the audit database or the last
scanned logfile, added "View" menu and menu items to view the
audit database or the logfile. When visiting have the browser
connect to different signals. The visit mechanism still needs
some work.
2006-11-08 Dan Walsh <dwalsh@redhat.com>
- Fix startup speed by moving import lines around
2006-11-02 John Dennis <jdennis@redhat.com>
- begin to add notion of database binding. Name of the default
database changed to "audit_listener_database", previous name of
"database" was just to generic. Introduce a database properties
object. Add RPC call to bind to the default audit database. Add
progress bar pulsing to browser when loading database via
RPC. Remove vestiges of analyze_logfile() in server/RPC.
- implement new custom GTK widget to encapsulate browser status
bar controls. Needed to support concept of browser "visiting" a
database.
2006-10-31 John Dennis <jdennis@redhat.com>
- Resolves bug# 213074, missing /etc/setroubleshoot directory in
%files section of spec file.
2006-10-28 John Dennis <jdennis@redhat.com>
- change parametrization of plugins, plugin.analyze() now receives
a avcinfo parameter with the avc and any derived information from
the AVC. The derived information is computed only once just prior
to invoking the set of plugin's. The plugin.analyze() method
instead of returning True/False now returns a report or
None. Parametrization of the report generation was also modified
to separate avc info from plugin information and do perform
template substitution updates only when the report is updated. By
cleanly separating data elements and computing informaition only
once we gained a 147x performance increase.
- add auto save functionality to database so the database is not
written to disk on every modification, instead the database is
marked as modified and after N changes or N seconds, whichever comes
first the database is saved.
- add the alert count to the formatted reports, it was in the browser
list view but not visible when reports were generated.
- database can now be created in temp area
- add global flags for debug and profiling code to avoid executing
code which the logging facility will filter out if the logging
messages are not at the specified logging level.
2006-10-24 John Dennis <jdennis@redhat.com>
- log file parsing now approx 4 times faster
- greatly enhance the statistics reporting capability in attempt
to diagnose slow log file parsing performance
- make gathering of environmenatal information optional,
environment information is only relevant at the time the
alert fires, not in a post processing scenario
- clean up several places where environmental information was
assumed and/or was always gathered, or gathered in the wrong place.
2006-10-23 John Dennis <jdennis@redhat.com>
- augment XML serialization so lists can be arbitrary class types
- pass line number information along with AVC to plugin report,
add line number list to siginfo, now when parsing a log file we
can track which lines in the log file contributed to the alert
- add progress reporting callback to parse_audit_logfile() so that
will periodically emit progress information during the parsing.
- parse_audit_logfile() now also returns 'statistics' about the
parsing, e.g. how many raw messages, number of events, elapsed time,
etc.
- add command line option -a to sealert to analyze a log file, at the
moment just prints analysis to stdout, need to connect to the
browser.
- introduce new python src file "analyze.py" to better organize the code
so that analysis code can be shared between audit monitoring code
and log file parsing code.
2006-10-21 Dan Walsh <dwalsh@redhat.com>
- Additional plugins bind_ports.py, connect_ports.py, device.py,
mislabeled_file.py
- Change PORTNUMBER to PORT_NUMBER
- Fix some plugins content
2006-10-19 John Dennis <jdennis@redhat.com>
- add ability to sealert operate as a command line tool and to
lookup a local id (sealert -l <id>)
- add sealert arg -S to start the SEAlert system independent of
dbus, essentially a one time stand alone application instead of a
service.
- be graceful if the X windows display cannot be opened, silence
gtk warnings during imports, test for the existence of the display
before creating GUI app, exit with error status and message if
display cannot be opened.
2006-10-18 John Dennis <jdennis@redhat.com>
- modify sealert & browser so they are decoupled from dbus and can
be run both with and without dbus.
2006-10-16 John Dennis <jdennis@redhat.com>
- fix audit thread's use of exit(), it was causing just the thread
to exit, not the parent process, solution is for the thread to
call thread.interrupt_main()
2006-10-15 John Dennis <jdennis@redhat.com>
- fix selinux_enabled and selinux_mls_enabled so they are booleans
instead of the numeric value their query functions return, this
way their string representation will be True or False, not 0 or 1.
2006-10-14 John Dennis <jdennis@redhat.com>
- add doc directory, add Inkscape diagrams, add SELinux Symposium paper
2006-10-12 John Dennis <jdennis@redhat.com>
- clean up how rpc calls are sent, formerly error returns were
handled separately as a special case leading to code duplication,
now every rpc interface comes with a pre-defined error_return
method and everything channels though a single set of routines.
2006-10-11 John Dennis <jdennis@redhat.com>
- implement "lookup by id", in server and client, still needs to
be called via command line arg
- fix the handling of error_returns in the rpc, discovered bug
when testing a failed id lookup, make the error handler interface
a built in method since it must always be present and do not
require it be defined in an interface definition.
2006-10-11 John Dennis <jdennis@redhat.com>
- add "Save As ..." menu item to write out selected alert as text
file.
2006-10-10 John Dennis <jdennis@redhat.com>
- add function to merge signfo data arriving in new report with
the siginfo present in the database, this keeps the siginfo data
in the database current with the latest version of the plugin
- remove code which tested for when the browser was visible before
electing to display the status icon. Now the status icon is aways
displayed unless the alert has been filtered.
2006-10-10 John Dennis <jdennis@redhat.com>
- Reimplement code that formats a siginfo into HTML and plain
text. There were several problems with the HTML code, it was not
accounting for the fact some of the content was already formatted
in HTML, it was not properly escaping the HTML content, it was
trying to insert HTML into an XML dom tree although HTML is not
valid XML. Part of the problem arose from the initial encoding of
the HTML in our XML database, it was escaping all the content when
it should have inserted the HTML verbatim, to accomplish this the
content had to be added to the XML in a CDATA section. Then
various parts of the code needed tweaking to change how and when
different data representations were handled (cleaner now). Now the
formatting of the siginfo in HTML is done via simple text
generation without trying to build a dom tree. Also reimplemented
formatting of the siginfo as plain text, both format_html() and
format_text() are methods of the signfo class instead of utility
routines. A very crude function was added to convert HTML to plain
text, at the moment it just handles HREF anchors, this is used
when formatting the siginfo as plain text for the components which
contain HTML formatting.
- Modify the email alert generation code so email is now sent as
multipart/alternative with both a plain text and HTML version of
the siginfo data, thus if the MUA supports HTML the user will see
the alert information with HTML formatting, if not he sees the
plain text version. The subject line was augmented to include the
alert summary. The 'TO' information is now in the header,
previously it had only been in the envelope.
2006-10-03 John Dennis <jdennis@redhat.com>
- Resolves bug# 208221, always return true for condrestart in spec file
scriptlet.
- Resolves bug# 208627, we were passing 'unknown' to
get_rpm_nvr_by_file_path()
- if the substitution value in __set_standard_sub() is None
then change the substition value to '<Unknown>'
2006-10-03 John Dennis <jdennis@redhat.com>
- Resolves bug# 206723, file names show up as hex string, added new
utility, audit_msg_decode() which strips quotes off, tests
to see if the entire string is composed of only hex characters
and if so decodes it.
2006-10-03 John Dennis <jdennis@redhat.com>
- Resolves bug# 207252, change all references to the icon to
setroubleshoot_icon.png, during install whatever the actual icon
name is install it as setroubleshoot_icon.png, this way if we
change the icon file everything which references continues to
work.
- change some more CamelCase to lowercase_underscore
2006-10-03 John Dennis <jdennis@redhat.com>
- convert code in signature.py to use true superclass and subclass
relationships. Carefully find everyplace a libxml2.doc and a
libxml2.xpath.xpathContext is created, assure they are referenced
once and are then freed. Eliminate any passing of node references
outside of the location where the doc created it, otherwise it's
too difficult to track where it should be freed. These changes
forced some structural changes in the xml serialization objects
and code.
- these changes should fix bugs #204274 and bug #206626, both
of which refer to excessive memory use, the most likely cause of
would have been our complete lack of freeing libxml2 documents and
xpath contexts, unlike most python objects they are not ref
counted nor garbage collected.
2006-09-28 John Dennis <jdennis@redhat.com>
- add connection icon to bottom right corner of browser,
add utility to update it. Make sure connection status signal
is emitted just after the browser is realized so that the
connection status is initially correct.
- remove use of deprecated Gnome App in the glade file
and the GUI code
- convert the Gnome AppBar to a GtkStatusBar, wrap it in a more
friendly API.
- add GtkProgressBar
- remove the seen column, instead change the font properties on
the line (to bold) if the alert has been seen. Add cell data
functions for all text cell renderers so that font properties
can be computed per cell based on the seen flag.
- set the progress bar during data loading, set the status
during loading, add error callback on data loading to update
the progress and status if loading fails.
2006-09-28 John Dennis <jdennis@redhat.com>
- add "toggle" to set of supported column types in tree view,
connect the "Filter" column to toggle events.
- connect the filter toggle event to RPC updating database
- change column indexing to 1-to-1 mapping with tree model.
- add utility to get the tree cell on a button click (replaced
by superior built-in toggle cell renderer).
2006-09-27 Dan Walsh <dwalsh@redhat.com>
- Change close key binding to ctrl-w
- Add new plugins cvs_data, rsync_data, xen_image, swapfile,
samba_share
2006-09-27 John Dennis <jdennis@redhat.com>
- clear the GUI of old data before loading new data,
fix the code used to display the filter icon in the filter column
2006-09-26 John Dennis <jdennis@redhat.com>
- add a column to the browser for the filter_type
- add utility function preextend_list() to create a list of known
size, and optionally initialize the elements. This is needed for
cases where we want to assign to a list index in random order,
we had been using insert() but this only works when insert() is
called in sequential order starting at 0, which is effectively
the same thing as append(). All use of insert() was replaced.
2006-09-26 John Dennis <jdennis@redhat.com>
- browser now shows pending duration till connection retry
attempt. When connection is lost the data in the view is
cleared. Better status messages on connection state. Clean up
improper use of traceback.format_exc() in conjunction with
logging.exeception(), which provides the traceback as a service
to the caller.
2006-09-26 John Dennis <jdennis@redhat.com>
- add connection state status to browser appbar, fix problem with
ProgramError exception, it had been mistakenly defined in two places.
2006-09-25 John Dennis <jdennis@redhat.com>
- Major rewrite of the client/server RPC code, all RPC definitions
are created with python decorators in an abstract class, all rpc
is now completely asynchronous and event driven from a centralized
event loop. There are four classes of RPC calls: methods, method
callbacks (for returning values from a method call, signals, and
error callbacks. Methods return values via an independent callback
with its own parameter signature independent of the parameter
signature of the method. Each parameter in an RPC call is now
tagged via a python decorator with its python class and conversion
to the proper object type is performed automatically by the RPC
mechanism. This includes conversion to complex nested
objects. The users of the RPC mechanism no longer need to be
aware the underlying transport is XML.
- Error handling has also been cleaned up, a new generic
ProgramError exception class was introduced containing an error
code and a message. All exceptions and other errors should converted
to a ProgramError and raise that instead. If a ProgramError is
caught during an RPC invocation then an error rpc signal is
emitted which is matched to the rpc in progress. The rpc caller
can add an error callback handler to receive the error or allow
the default handler to be invoked (which just logs the error).
- The handling of client/server communications and connections has
been cleaned up, better centralized, and refactored into cleaner
object classes. All connection objects (now called channels) have
connection state callback registered with them. Whenever a change
in the connection occurs the callback is invoked. Thus an object
owning a connection can monitor the status of the connection,
and specific actions when the state changes. The superclass
connection objects perform standard actions on connection state
changes leaving the subclassed connection object to handle only a
minor subset when the state of the connection changes. In
particular when certain connection objects see the state change to
closed it will queue a connection retry event with computed retry
intervals. This allows the server and clients to start and stop
independently and asynchronously and to resynchronize themselves
gracefully. Also, monitoring for the connection open state allows
for objects to know when they can make RPC calls.
2006-09-11 John Dennis <jdennis@redhat.com>
- fix bugs related to recording per user per signature filtering
2006-09-07 Karl MacMillan <kmacmill@redhat.com>
- Add signal handling to client and server.
- Fix minor plugin bugs.
2006-09-06 Karl MacMillan <kmacmill@redhat.com>
- Add rpm information for target.
- Add hostname and uname to signature info
- Add display of the full AVC
- Add display of the analysis id
- Change html generation to be separated out and us elemmenttree
2006-09-06 John Dennis <jdennis@redhat.com>
- add CommunicationChannel class to encapsulate data transfer
operations, in particular to provide an object threads can lock
during data transfer.
2006-09-06 John Dennis <jdennis@redhat.com>
- checkpoint the logfile scanning code, somewhat working
2006-09-06 John Dennis <jdennis@redhat.com>
- add rules to Additional Information HTML table and set the column
width to 30% for first column, however, the HTML renderer we're
using does not seem to respect these values, works fine in firefox.
2006-09-05 John Dennis <jdennis@redhat.com>
- fix reference to SELinux_48.png in glade file
- clear the rpm list in plugin.prepare() to avoid a running tally
of rpm's
- introduce a database directory, rather than just a database file
- add a 'database' logging category
- several bug fixes related to signature lookup.
- AvcContext string function now returns string which looks like how
it appears in an AVC message
2006-09-03 John Dennis <jdennis@redhat.com>
- Refactor much of the code in server.py and dispatcher.py (now
subsumed into server.py). Goal was to establish a much cleaner
data flow with objects handling a single task in isolation from
other components, especially with regards to
networking/communications. We now have a model whereby AVC's can
enter the system from a variety of sources, multiple sockets,
files, etc. When the AVC enters the system it is associated with a
"report receiver", the <AVC,receiver> pair is then passed to the
plugin manager. When a plugin decides to emit a report based on
that AVC the report is given to report receiver which traveled
along with the AVC. The report receiver now encapsulates the
database and subclasses of that add functionality to broadcast
alerts to interested clients. By cleaning up the object
relationships and implmenting a better class hierarchy we're now
in a much better position to offer advanced features because of
the more modular design, the first of which is log file scanning.
2006-09-01 Dan Walsh <dwalsh@redhat.com>
- Printing works at least in text mode
2006-09-01 Dan Walsh <dwalsh@redhat.com>
- Fix notification window so it does not come back if seen, and
only one gets generated. All disappear after a couple of seconds.
2006-08-31 John Dennis <jdennis@redhat.com>
- dispatcher.py: rework how audit messages injected into the
system and processed. Much of this work was in support of log file
scanning which should be coupled to the exact same processing code
as audit messages arriving from the audit socket. In essence log
file scanning synthesizes an audit message and we inject it into
the system the same way socket messages are injected. This was
also an excellent moment correctly handle out of order audit
messages, something we were not able to handle previously. This
may have been contributing to splitting what should have been a
single alert into two or more separate alerts because we didn't
recognize the incoming audit events as a single event. Correctly
assembling out of order messages introduced a fair amount of extra
complexity as we now maintain a cache of recent audit events, this
is fully documented in dispatcher.py
- Turn notifications back on by default.
2006-08-30 Karl MacMillan <kmacmill@redhat.com>
- Separated out HTML rendering and made it easier to translate.
2006-08-30 Dan Walsh <dwalsh@redhat.com>
- Hook up the rest of the menu bars on browser window
- Add public_content.py plugin
2006-08-30 John Dennis <jdennis@redhat.com>
- add delete_signatures() method to AlertClient class
2006-08-28 John Dennis <jdennis@redhat.com>
- remove duplicate msgid's from po/hr.po. I'm not entirely sure I did
this correctly, but the package wouldn't build because of this and
now at least it builds
2006-08-27 John Dennis <jdennis@redhat.com>
- start using the AppBar in the browser.
- "open logfile" now connected all the way from browser menu
to server rpc, still needs implementation, but "plumbing" is working.
- fixes for the date/time dialog
- remove install of setroubleshoot.glade, we now only use
setroubleshoot_browser.glade
2006-08-26 John Dennis <jdennis@redhat.com>
- some fixed to DateTimeDialog
2006-08-25 John Dennis <jdennis@redhat.com>
- add FileChooserDialog and DateTimeDialog to gui_utils.py
- add rpc delete_signatures()
2006-08-25 Dan Walsh <dwalsh@redhat.com>
- Added SELinux_128.png to make status icon work.
2006-08-25 Dan Walsh <dwalsh@redhat.com>
- Adding catchall plugin to grab any avc that does not get caught and
ask for a bug report
- Adding home_tmp_bad_labels plugin which says that confined domains
trying to access home_t labeled files, probably means they were
mislabeled and moved "mv" to the system directory.
2006-08-23 John Dennis <jdennis@redhat.com>
- add sorting on category column and seen column in browser,
fix reference to my_draw() in print function.
2006-08-23 John Dennis <jdennis@redhat.com>
- make browser window hidden by default so it does not flash
when it's first realized, connect to the "realize" signal to
initially position the vpane, add signal handlers to track
when the browser is visible, the presentation of the status
icon now checks if the browser is visible, the status icon is
not presented if the browser is already displayed.
2006-08-23 John Dennis <jdennis@redhat.com>
- remove all vestiges of popup alert, now browser is the only
UI game in town
2006-08-23 John Dennis <jdennis@redhat.com>
- restore the automatic updating of the browser window which had
been a regression, the AlertClient class now emits signals which
the GUI classes can connect to receive signals from the fault server,
also fix the "mark seen" regression
2006-08-23 John Dennis <jdennis@redhat.com>
- browser.py: restore mark_seen timeout
2006-08-23 John Dennis <jdennis@redhat.com>
- the config file now has separate sections for logging for each
process so that logging parameters can be set per process, also
added a filemode property so the log files could be opened in
replace or append mode.
- add new python module to generate UUID'S, now the local_id is a UUID
rather than a sequence number. This corrects for the problem that
sequence numbers are reset when databases are recreated and the
problem that sequence numbers are unique only within the database.
- add separate section of database for user data (should really be
separate database file), per user data now includes the email
alert flag and a list of email addresses to send to, this is a
much better place for this info that was the prior location in the
config file. The database may now support per user data, but the
email system has not been hooked up to it yet.
- add a PropertySet class for xml serialization, decided not to
use it for the time being, seems difficult validate the contents
when its members are not defined, if one defines the members you
lose the appeal of the PropertySet, one might just as well refer
directly to the object member.
- remove src/cgi-bin and src/css src/images cruft
- fix CamelCase in the xml object names
2006-08-23 Dan Walsh <dwalsh@redhat.com>
- Fix dbus launch, so it will start sealert if not running
- Spell check all plugins
2006-08-23 Dan Walsh <dwalsh@redhat.com>
- Add avc_syslog plugin which just puts translated AVC summary in
syslog
2006-08-23 John Dennis <jdennis@redhat.com>
- fix signature inflation, all data attached to a signature is now
encapsulated in a SEFaultSignatureInfo (siginfo) class. The GUI no
longer reaches into a signature looking for information, it looks
in the siginfo. The Plugin class now defines the method
get_signature() which report() calls to obtain the signature. The
default signature provided by the Plugin class includes the
analysisID, an AVC with just the src & target contexts, and the
object_path. All data accesses and parameters which had been "sig
and solution" are now done via the unified siginfo class. There is
still a bit more work to be done on this but this represents a
reasonble point to checkpoint the code in CVS.
2006-08-22 John Dennis <jdennis@redhat.com>
- Resolves bug# 203479, missing requires of audit-libs-python
2006-08-22 Karl MacMillan <kmacmill@localhost.localdomain>
- Changed browser to use refactored AlertDisplay widget. This
required some large changes to the gui code.
- Added sealert main application class.
- Changed classes in sealert to remove inter-dependencies and use
signals for communication.
2006-08-21 Dan Walsh <dwalsh@redhat.com>
- add translations to spec file
- fix allow_execmem
2006-08-21 John Dennis <jdennis@redhat.com>
- add support to sealert to listen on a dbus session signal to display
the gui. This is needed for when the status icon is not visible and
the user wants to see the UI. There is now a separate program
setroubleshoot_launch_gui which emits the signal.
2006-08-21 John Dennis <jdennis@redhat.com>
- load_plugins() now catches exceptions when a plugin won't load,
reports the traceback in the log file, and continues with the next
plugin. Previously a bad plugin caused the entire plugin loading
to abort and no plugins were loaded.
- Add "daemon_name" to automake variables, change pid file to match
- turn off "noreplace" on config file till things settle down a bit
- browser.py now validates data, also test for missing column data in
the cell_data function to avoid exceptions.
- add stub for analyzie_logfile() rpc call
- turn off balloon notifications by default in config file,
libnotify is just plain busted at this point :-(
- only the setroubleshootd daemon creates it's log file
under /var/log now, the user app's do it in /tmp, change file
permissions on /var/log/setroubleshoot back to 0644.
- sealert now looks up the username rather than hardcoding it to "foo"
- CamelCase to lowercase_underscore clean up
2006-08-21 Dan Walsh <dwalsh@redhat.com>
- Serious runaway process in 64 bit programs.
sealert was constantly reconnectiong
2006-08-20 John Dennis <jdennis@redhat.com>
- coalesced the browser and alert popup GUI. now sealert is mostly
communications and management of the status icon. The browser and
alert popup were broken out into their own applet classes. The
file alert_applet.py was added, the browser applet class remains
in the file browser.py. A common GUI utility file was added,
gui_util.py which the applets share code with. The status icon
now fully support the right click menu to bring up either the
alert popup or the browser.
2006-08-20 Dan Walsh <dwalsh@redhat.com>
- Add missing runcmd
2006-08-18 John Dennis <jdennis@redhat.com>
- add rpc signatures_updated() to signal the browser needs to refresh
2006-08-18 John Dennis <jdennis@redhat.com>
- more CamelCase name changes
2006-08-18 John Dennis <jdennis@redhat.com>
- change set_filter functon in server to use new utility
- lookup_signature clean up more CamelCase names
2006-08-18 John Dennis <jdennis@redhat.com>
- add rpc call set_user_data, browser now calls this to set
the seen_flag, change some of the CamelCase identifiers to
lowercase_underscore
2006-08-18 John Dennis <jdennis@redhat.com>
- no longer hardcode the pid file, make it configurable
- fix the umask setting when the daemon starts to be more secure
2006-08-18 John Dennis <jdennis@redhat.com>
- browser.py: now loads data from server
- server.py, client_server.py: add QueryAlerts rpc call
- server.py: move database into its own global singleton object,
add (back?) first_seen, last_seen, report_count, setting on each
signature, looks like that got lost somehow in a CVS merge :-(
- signature.py: change parseMemory to parseDoc, gracefully accept
xml node without a doc.
2006-08-16 John Dennis <jdennis@redhat.com>
- fix log file, now there is a separate log file for each process,
the log dir is now world writable (does this mean we have to move it
from /var/log/?), the logrotate script was updated, change the
default logging level from error to warning.
- dispatcher.py: get parameters from config file instead of hardcoding,
- sealert: add config variable to control if we use balloon
notifications
- fix exception which was occurring in LoadPlugins
2006-08-16 John Dennis <jdennis@redhat.com>
- change umask from 0 to 0022 in setroubleshootd so pid file
is only writable by root
2006-08-14 Karl MacMillan <kmacmill@localhost.localdomain>
- Change src/sealert to render information in html and simplified GUI.
2006-08-10 Dan Walsh <dwalsh@redhat.com>
- Remove setroubleshoot_dispatcher
- add html tag support
2006-08-08 John Dennis <jdennis@redhat.com>
- add "category" to plugins
- Resolves bug# 201719, minor spec file tweaks.
2006-08-08 Dan Walsh <dwalsh@redhat.com>
- Fix up handling of mls ranges in context
- Cleanup some pychecker errors
2006-08-07 John Dennis <jdennis@redhat.com>
- add first seen, last seen, and report count to alert detail view
- make the seen icon work, if the alert has been displayed more
than N seconds, mark the alert as having been seen by the user
and update the icon is the list view
- change the schema for the xml data; the database now has a version,
there is a local id attached to each signature, the filter list in
the siginfo was replaced by a list of per user data, the per user
data now contains the filter, seen_flag. Modify all the code which
was operating on the filter information to use the new model.
- fix the xml serialization so that booleans can be used as a basic
type and also so that non-string types can be used in element
attributes (e.g. int, bool) and the serialization code will
automatically convert between python types and strings.
2006-08-04 John Dennis <jdennis@redhat.com>
- clean up and rework the timestamp code in util.py so that
time zones are handled properly, there were a number of bugs.
Hopefully it's correct now because timezone handling is a pain.
- change the time format in the browser so all times are displayed
identically, the friendly time relative format was hard to compare.
- modify the plugin 'make install' to delete all existing plugin's
prior to installing the new ones
2006-08-03 John Dennis <jdennis@redhat.com>
- add popup menu to status icon to choose between browser and
alert GUI (not fully connected yet). Several bug fixes related
to changing the filter_type from a string to an int.
2006-08-03 John Dennis <jdennis@redhat.com>
- add filter selection to bottom pane, change filter_type from
string to integer constant. Enhance how columns are handled.
Get init_combo_box to work. Remove unused RPM and Bugzilla
fields from bottom pane. Modify the default size of the browser
window. Fix missing import in util.py.
2006-08-03 John Dennis <jdennis@redhat.com>
- add ability in broswer to sort on columns, initially the report
count column and the last seen date column. The date column now
stores a TimeStamp object instead of a string. Add new method
to TimeStamp to return a friendly string relative to the current
time. The date column in the browser now has a cell data function
which invokes the friendly format method of the TimeStamp object.
2006-08-02 Dan Walsh <dwalsh@redhat.com>
- Change interface to use audit unix domain socket
2006-08-02 John Dennis <jdennis@redhat.com>
- add ability fo serialize to/from xml for classes which can
inititialized from strings and serialized as strings (e.g. numbers,
TimeStamps, etc.)
2006-08-01 John Dennis <jdennis@redhat.com>
- add count of how many times a signature is reported, the date
when first and last reported, add columns for report count and
last date count to browser.
2006-08-01 John Dennis <jdennis@redhat.com>
- checkpoint browser code, list pane and detail pane now working.
2006-08-01 John Dennis <jdennis@redhat.com>
- add initial support for browser applet, move some functions which
kept getting reused to util.py
2006-08-01 Dan Walsh <dwalsh@redhat.com>
- Fix disable_trans.py set_boolean call
2006-07-31 John Dennis <jdennis@redhat.com>
- add reporting of environment to email alert (email alerts still
need work)
2006-07-28 Dan Walsh <dwalsh@redhat.com>
- Complete all boolean plugins except disable
2006-07-28 John Dennis <jdennis@redhat.com>
- modify SetFilter in server to return errors instead of
throwing an exception. Default the filter list on each alert display.
2006-07-27 John Dennis <jdennis@redhat.com>
- minor tweaks to alert queue handling
2006-07-27 John Dennis <jdennis@redhat.com>
- fix analyze() parameter list in ftp_is_daemon.py plugin
2006-07-27 John Dennis <jdennis@redhat.com>
- sealert now responds to pending alerts more correctly, it shows
how many pending alerts are in the queue, if you filter the pending
alert status is updated, the next alert button will advance you
to the next alert in the queue
- simplify major pieces of sealert by coalescing common code
into subroutines.
2006-07-27 Dan Walsh <dwalsh@redhat.com>
- Make Close button work.
- Make setroubleshoot_dispatcher exit if it gets an avc about itself
2006-07-26 Karl MacMillan <kmacmill@localhost.localdomain>
- Fixed user string handling in plugin class - moved initialization of
Plugin.__init__.
- Add generic templating mechanism to Plugin
- Ported all plugins to use templating mechanism
2006-07-25 Dan Walsh <dwalsh@redhat.com>
- Simplify plugins by using TARGET_PATH and SOURCE_PATH constants and
moving the processing of the avc to to Plugin.py
- Fix setroubleshoot_dispatcher to ignore granted
- Fix sealert to handle initial startup without setroubleshoot running
2006-07-25 John Dennis <jdennis@redhat.com>
- Add close button per suggetion of desktop group, add a pending alert
message area and a next button which will be active if there are
pending alerts after this one. This is to try and address the
situation where after dismissing the current alert you immediately
get a new alert, not only is this annoying but its very hard to tell
you're advancing to the next alert instead of just thinking there is
something wrong with the dismissal of the dialog box, only careful
examamination would reveal its a different alert. Plus we probably
don't want the dialog box popping up and down and notification
balloons firing when there is a pending alert to display after
dismissal of the current alert.
2006-07-24 John Dennis <jdennis@redhat.com>
- fix parts of the SetFilter server method
2006-07-24 John Dennis <jdennis@redhat.com>
- edit the TODO list
- move sealert to /usr/bin from /usr/sbin
- add RPC method: EvaluateAlertFilter
- fix 2 bugs in rpc command buffering, off by one bug on buffer update,
dispatching was done before command buffer data structure was
updated, on rentry this caused infinite loop
- add alert queue to sealert, now when alert messages arrive from
server they are queued, if the alert is not being displayed the alert
is dequeued and displayed. When the current alert is dismissed by the
user, the queue is ckecked, if not empty the next alert is displayed.
- when preparing to display an alert the server is called to
evaluate the filtering on the alert. Previously the filter was
evaluated in the server prior to sending the alert, however that
will not work if the user elects to filter the alert and the same
alert fires before he sets the filtering, it would then be in the
display queue even though it should be filtered, moving the decision
to filter to just prior to display will handle the case where the
same alert fires in succession and the user elects to filter the
first instance. It also accommodates the case where the filtering
is modified by an another agent on the server, e.g. the browsing
applet.
2006-07-24 John Dennis <jdennis@redhat.com>
- bump version to make release
2006-07-24 Dan Walsh <dwalsh@redhat.com>
- Fix sealert to sleep for 5 seconds and then attempt reconnect
eliminate infinite loop when setroubleshoot goes away
- Change logrotate script to eliminate bad endscript
- Remove debug message from setroubleshoot_dispatcher
2006-07-24 John Dennis <jdennis@redhat.com>
- Introduce the concept of "privileges" for authorization
after authentication. Once authenticated, does user have the
privilege to perform the action? Needed to separate authorization
to connect to server to get information vs. authorization to
perform a root level "fix command"
2006-07-22 Dan Walsh <dwalsh@redhat.com>
- More fixes to plugins
- Cleanup helper functions
2006-07-21 Dan Walsh <dwalsh@redhat.com>
- Fix problem in dispatcher
2006-07-21 John Dennis <jdennis@redhat.com>
- add email alerts
- stop the status icon from blinking, add notification balloon.
2006-07-21 Karl MacMillan <kmacmill@localhost.localdomain>
- Added more plugins.
2006-07-20 Dan Walsh <dwalsh@redhat.com>
- Added more plugins
- Updated POTFILES
2006-07-20 Karl MacMillan <kmacmill@localhost.localdomain>
- Added more plugins.
- Changed some of the avc.*Match* functions for consistency and
clarity.
- Added very simple templated to the messages returned by plugins.
2006-07-19 Dan Walsh <dwalsh@redhat.com>
- Added a bunch more plugins
2006-07-19 Karl MacMillan <kmacmill@localhost.localdomain>
- Add allow_cvs_read_shadow.py, allow_ftp_use_cifs, allow_ftp_use_nfs,
and allow_gssd_read_tmp.
- Change AVC to have additional helpers for matching messages.
- Change Plugin to work better with more than one solution.
2006-07-19 Dan Walsh <dwalsh@redhat.com>
- Fix setroubleshoot_dispatcher to catch all information from avc.
Much cleaner interface and no longer uses audit2allow cruft.
- Remove toolbar from popup window since it did nothing, and I think
it looks better without it.
- fix allow_execmod plugin to report better data.
2006-07-18 John Dennis <jdennis@redhat.com>
- modify sealert to display a status icon and only bring up the
popup dialog after the icon is clicked on.
- add autotool support for internationalization
- move the database from /var/run/setroubleshoot to
/var/lib/setroubleshoot
- add and install desktop files and autostart files to enable the
alert display automatically
- add logo png file
2006-07-17 Karl MacMillan <kmacmill@localhost.localdomain>
- Add getCred to get the uid / gid of the client
program on connect in server.py.
- Add access_control.py to provide basic access control
to the server based on the configuration file.
- Add calls into access_control.py to the server. Basic
access control now works based on the configuration file.
- Add 'access' section to the configuration file for
access_control.py.
- Fix log.py to not fail if the user does not have access
to the default log file. Allows sealert to be run by a
non-root user.
- Add HACKING to capture basic notes on changing setroubleshoot.
2006-07-14 Dan Walsh <dwalsh@redhat.com>
- Changed default port to 3267 (My UID) Until we get a permanent one
- Change location of database.xml to
/var/run/setroubleshoot/database.xml for easier selinux policy
- Change setroubleshootd to write out its pid file
2006-07-14 John Dennis <jdennis@redhat.com>
- add these requires to spec file: pygtk2, gnome-python2-libegg
- update the TODO list
- numerous small tweaks to get audit dispatching working, rename
avc_snap to setroubleshoot_dispatcher and move to /usr/lib/audit
2006-07-13 Dan Walsh <dwalsh@redhat.com>
- Fix default.py and add httpd_connect_db.py
2006-07-11 Dan Walsh <dwalsh@redhat.com>
- Add additional troubleshoot plugins
2006-07-07 John Dennis <jdennis@redhat.com>
- add cmd_job.py, beginning basis for running commands on server
at the request of a client, each job runs in its own thread with
callbacks for asynchronous stdout,stderr io and command termination.
2006-07-06 John Dennis <jdennis@redhat.com>
- add separate formatter for syslog messages that includes the
package name, remove the 'log_' prefix from the log name, however
the logger object is still prefixed with 'log_', spruce up the
default log format.
- add "Requires: audit" to spec file, fix error logging bug in
Plugin.py when it could not connect to the fault server, tweak
format strings in socket error messages, rename the root logger in
log.py and hide it inside the module, it shouldn't be visible, fix
the address the SysLogHandler opens to talk to syslogd, it had
been localhost:514/udp but apparently its a UNIX domain socket at
/dev/log which is not Python's default in its logger module (that
one took a little while to figure out :-)
- The analysis plugin's now also perform a logon operation
when registering a fault.
2006-07-05 John Dennis <jdennis@redhat.com>
- make autogen.sh correctly report configure arguments, do a
better job handling when socket connections fail, add code to
track the set of connected clients and remove them when they
disconnect. Replace the use of 'identity' with a Logon command
providing the type of client, the username, and a
password. Simplify the manner in which RegisterProblem is called
in ipc, this will be a model for other ipc calls to come later.
2006-06-29 John Dennis <jdennis@redhat.com>
- Complete the implementation of the MultiServer, a server object
which permits multiple servers to be run on multiple ports from a
single process with threading. Was able to significantly condense
the code from the previous checkin by finding ways to utilize the
exisiting python library functions, its much cleaner now.
2006-06-28 John Dennis <jdennis@redhat.com>
- Implement new server which can listen on multiple ports and
serve the client in a separate thread. This is necessary to
support both communication on the fault server port and http
protocol on an http port, both connected to the same server. This
checkin is a checkpoint, the code in server.py is hacked up, but
works, a subsequent checkin will clean it up and recast it as
classes that will integrate better with the python SocketServer
classes from which the current code is derived. The SocketServer
classes only support a single port :-(. This checkin also includes
changes to the configuration file to separate the fault server and
http server configuration parameters as well as adding support for
console logging.
2006-06-27 John Dennis <jdennis@redhat.com>
- fix bug where xml passed as a string to the rpc cmd argument was
being escaped, now rpc cmd argument is passed xmlNode. Remove
__pyClass element attribute, it is not necessary.
- add target to top level Makefile to make CVS tag, restore
pkglibexecdir variables, consolidate makeCmd/SendCmd logic,
formalize the rpc interfaces, remove the AlertMsg class now that
we can pass individual parameters in rpc.
2006-06-26 John Dennis <jdennis@redhat.com>
- add missing /var/log directory %files section in spec file and add
logrotate script
- Implement better framework for RPC call, from introspection can
now automatically detect function/method argument lists, will
build xml document for arguments and intelligently import dom tree
when an arg is xml. On the receiving side it unpacks the xml and
invokes the command. The need for individual functions to be aware
of their role in RPC is being eliminated. Still a little bit more
work to be done in this area.
- Remove OK button, Reset All Filters button from GUI, fix
@guidir@ in Makefile.am, add missing close() method to server
2006-06-24 John Dennis <jdennis@redhat.com>
- clean up autotool files and spec file to produce a clean rpm
2006-06-23 John Dennis <jdennis@redhat.com>
- major clean up of debug messages, config.py now exports a list
of available logging categories, each category has a logging
object created for it which is exported by log.py. The config file
can set whether a category is logged, and at what verbosity level
it is logged at. When the config file is generated it lists the
currently available logging categories. All debug print statements
changed to use one of logging objects. Carefully avoid circular
references between config.py and log.py, also assure config.py can
geneate the default config file without needing any installed
module so that things work correctly in a buildroot.
2006-06-22 John Dennis <jdennis@redhat.com>
- fix the plugin filtering to use shell globs, fix the cmd line arg
- install setroubleshoot.init into /etc/init.d
- relocated the gui files (eg: glade) to "gui" under package data dir
- relocated the plugin dir to "plugins" under package data dir
- remove debug.py and replace with log.py which uses native python
logger library, create intitial set of logger object, add basic
logging configuration to config file, in addition setup so errors
are also logged to syslog
- add plugin filter option to setroubleshoot to control which
plugins are loaded. It's a regular expression, give the full name
for an exact match, or any reg exp to pick a set of plugins
- add an option to setroubleshootd to prevent forking
2006-06-21 John Dennis <jdennis@redhat.com>
- fill out the config file, define a table of defaults, write
utility to dump default config file, modify make target to
automatically generate default config file, modify all code to
query config options rather than binding to hardcoded values.
2006-06-21 Dan Walsh <dwalsh@redhat.com>
- Added Plugin class to be used by all plugins and simplify writing of
plugins.
2006-06-21 Dan Walsh <dwalsh@redhat.com>
- add initscript and change setroubleshootd to be a daemon
- Change avc_snap to sleep for 2 seconds
- tagged as V-0-10
2006-06-20 John Dennis <jdennis@redhat.com>
- add config file (/etc/setroubleshoot/setroubleshoot.cfg),
add initial parsing of config file
- add debug.py module
- add Copyright notices
- Major rewrite of the client/server code. Eliminate dependence on
dbus. Reimplement the server as a concurrent server handling each
client connection in it's own thread. Clients now connect,
announce their intended use of the server and pass rudimentary
identity information (still need to flesh out full logon
mechanism). Both client and server now support both asynchronous
and synchronous bidirectonal communication, all message
communication now returns a result, results are paired with a
command identifier. All socket I/O now supports arbitrary sized
reads/writes, command messages are buffered until a full message
is received, multiple messages can arrive in a single socket read
and be dispatched correctly. Communication endpoints now have
dispatch tables to map a command method into a callable
object. This checkin returns us to a state of user functionality
previously available (start server daemon, alert listner GUI,
plugin analysis). After such a major rewrite there remain many
small nits which need attention, but best to checkpoint working
code now.
- Merge in Dan's change to the socket path, now part of configure
and config.py
2006-06-15 Dan Walsh <dwalsh@redhat.com>
- Change communications path to use /var/run/setroubleshoot
- Change to use selinux-policy-type and selinux-policy-rpm
- Make avc_snap work
2006-06-13 Dan Walsh <dwalsh@redhat.com>
- Rename ftpd.py plugin to ftpd_upload.py
- added ftpd.py plugin which detects when someone tries to log-in
to a users homedir
2006-06-10 John Dennis <jdennis@redhat.com>
- put framework in place in browse cgi script to asynchronously
update filter setting. Add UpdateFilter cgi script, backend of
AJAX update filter action. Checkpoint work in progress...
2006-06-09 John Dennis <jdennis@redhat.com>
- add new javascript function to create xmlHttpRequest object in
browser agnostic manner
- add filter selection to table
- add images directory and SELinux logo for use web browse page
- added src/cgi-bin src/css directories for cgi scripts and
stylesheets respectively
- Add SELinux Logo (Tux with a shield, courtesy of Diana Fong) to
GUI
- remove "Alerts" tab from GUI, this info will now be provided by
HTTP browsing.
- remove "Cancel" button from GUI, it was meaningless.
- Rewrote webserver.py to use base python modules to serve regular
files and cgi scripts, removed my hacky attempt at the same.
- add cgi script to browse the database
- remove use of xsl to generate browse page, now done with cgi
2006-06-08 John Dennis <jdennis@redhat.com>
- checkpoint current version of the webserver just so I don't lose
things. Been experimenting with AJAX and XMLHttpRequest, currently
have a local copy of ajax.html and ajax.css based on classic
example from OReilly that is working.
2006-06-06 John Dennis <jdennis@redhat.com>
- add initial support for select processing of filter value
- implment post handler
- add webserver.py
- add xsl database translation (database.xsl)
2006-05-31 John Dennis <jdennis@redhat.com>
- modify data structures and method parametrization to allow the
list of xml names to be optionally passed rather than hardcoded
into the class via __xmlInfo. This is setup work for the next step
of writing a query mechanism which passes its own list of names.
- add support for "Reset All Filters"
- add SplitRpmNVR() utility, fix bogus use of epoch in NVR, add
support for filtering by RPM watch list (both policy rpm and
faulting pkg rpm). Successfully test rpm version filtering.
- add identity registration to sealert client, add client list in
server, add TimeStamp function to evaluate Past/Future status, add
EvaluateFilter() method to decide if alert should be
posted. Successfully test time based alert filtering.
- add utilities to update the filter list, change filter_type from
int to string to avoid XML representation problems, can now pass
and update all the filter modes from the GUI to the database and
serialize the database. Update the definition of a filter to
include RPM's as well as date/time triggers.
2006-05-30 John Dennis <jdennis@redhat.com>
- add initial support for the server's HandleSetFilter function
- fix object comparison functions
- add FindProgram(), searches known program locations for a match,
returns full path. Modify plugin.ftpd.py to lookup up rpm based on
avc.comm entry using FindProgram
- remove 'solution' element from signature, they should be independent
- add setroubleshoot bin script to iterate over log files
- change context class to full XML AvcContext class
- add ParseAVC utility
2006-05-26 John Dennis <jdennis@redhat.com>
- add the ftpd plugin
- populate the rpm list in the GUI
- add query for platform and kernel
- populate environment info in GUI, populate object path in GUI
- change parameters on dbus alert signal
- update "test" in sealert to reflect new parameters
- add update status to GUI, add environment info to glade
2006-05-25 John Dennis <jdennis@redhat.com>
- remove obnoxious need to pass obj name to object constructor
- rewrite parts of the XML serialization code so that element
names can be divorced from their python class, add element
attribute __pyClass to store the python class name. Change python
class member names from class type to a more meaningful "variable
name".
2006-05-24 John Dennis <jdennis@redhat.com>
- add Menus to alert window
- fix hide/delete behavior, now the alert process does not exit,
just the window is removed from the display.
- Major rework of alert window, now tabbed notebook, add rpm list,
bugzilla list, querry bugs, submit bug, alert review
2006-05-23 John Dennis <jdennis@redhat.com>
- add support for DATA_DIR in configure, config.py.in, Makefile.am
- add RPM list and Bug List to glade
- clean up execheap, clean up parameter & field names, remove
newlines from text when displaying, let text widget do the wrapping.
- add avc_snap script
- Everything now installs and runs using configure the way it did
before the import to CVS began (without autotool support). This is
a good checkpoint.
Mr. DellatioNx196 GaLers xh3LL Backd00r 1.0, Coded By Mr. DellatioNx196 - Bogor BlackHat