setroubleshoot/setroubleshoot.spec

Summary: Helps troubleshoot SELinux problems
Name: setroubleshoot
Version: 0.38
Release: 1
License: GPL
Group: Applications/System
URL: http://www.redhat.com/ 
Source0: %{name}-%{version}.tar.gz
Source1: setroubleshoot.init
Source2: setroubleshoot.logrotate
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildArch: noarch
BuildRequires: perl-XML-Parser
Requires: gnome-python2-gtkhtml2

%{!?python_sitelib: %define python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print get_python_lib()")}

%define pkgpythondir  %{python_sitelib}/%{name}
%define pkgdocdir     %{_datadir}/doc/%{name}-%{version}
%define pkgdatadir    %{_datadir}/%{name}
%define pkglibexecdir %{_prefix}/libexec/%{name}
%define pkgvardatadir %{_localstatedir}/lib/%{name}
%define pkgrundir     %{_localstatedir}/run/%{name}
%define pkgconfigdir  %{_sysconfdir}/%{name}
%define pkglogdir     %{_localstatedir}/log/%{name}

Requires: audit >= 1.2.6-3
Requires: audit-libs-python >= 1.2.6-3
Requires: libselinux >= 1.30.15-1
Requires: pygtk2 >= 2.9.2
Requires: notify-python

BuildRequires: intltool gettext python

Requires(post):   /sbin/chkconfig
Requires(post):   /sbin/service
Requires(post):   /usr/bin/update-desktop-database

Requires(preun):  /sbin/chkconfig
Requires(preun):  /sbin/service

Requires(postun): /usr/bin/update-desktop-database

%description
Provides tools to help diagnose SELinux problems. When AVC messages
are generated an alert can be generated that will give information
about the problem and help track its resolution. Alerts can be configured
to user preference. The same tools can be run on existing log files.

%prep
%setup -q

%build
%configure
make

%install
rm -rf %{buildroot}
make DESTDIR=%{buildroot} install
%{__install} -D -m755 %{SOURCE1} %{buildroot}/etc/rc.d/init.d/%{name}
%{__install} -D -m644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
touch %{buildroot}%{pkgvardatadir}/database.xml
%find_lang %{name}

%post
[ -f %{pkgvardatadir}/database.xml ] && chmod 644 %{pkgvardatadir}/database.xml
/usr/bin/update-desktop-database %{_datadir}/applications
/sbin/chkconfig --add %{name}
/sbin/service %{name} condrestart >/dev/null 2>&1

%preun
if [ $1 = 0 ]; then
    /sbin/service %{name} stop >/dev/null 2>&1
    /sbin/chkconfig --del %{name}
fi

%triggerpostun -- setroubleshoot <= 0.35-1
/sbin/service %{name} cleardb

%postun 
/usr/bin/update-desktop-database %{_datadir}/applications

%clean
rm -rf %{buildroot}

%files -f %{name}.lang
%defattr(-,root,root,-)
%doc %{pkgdocdir}
%{_bindir}/*
%{_sbindir}/*
%{pkgpythondir}
%{pkgdatadir}
# Note: it is explicitly known the config file is not noreplace,
# this is because the config file during active development changes
# so much it's worse to be incompatible than lose a user modified value
# We'll set it back to noreplace when things stablize
%config %{pkgconfigdir}/%{name}.cfg
%dir %{pkglogdir}
%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
%dir %{pkgrundir}
%dir %{pkgvardatadir}
%ghost %attr(0644,root,root) %{pkgvardatadir}/database.xml

/etc/rc.d/init.d/%{name}
%{_sysconfdir}/xdg/autostart/*
%{_datadir}/applications/*.desktop
%{_datadir}/dbus-1/services/sealert.service

%changelog
* Fri Aug 30 2006 Dan Walsh <dwalsh@redhat.com> - 0.38-1
- 	Dan Walsh
	* Hook up the rest of the menu bars on browser window
	* Add public_content.py plugin
- John Dennis  
	* add delete_signatures() method to AlertClient class
        * start using the AppBar in the browser.
	* "open logfile" now connected all the way from browser menu
	to server rpc, still needs implementation, but "plumbing" is working.
	* fixes for the date/time dialog
	* remove install of setroubleshoot.glade, we now only use
	setroubleshoot_browser.glade
	* some fixed to DateTimeDialog

* Fri Aug 25 2006 Dan Walsh <dwalsh@redhat.com> - 0.37-1
- Add back in the status icon

* Thu Aug 24 2006 John Dennis <jdennis@redhat.com> - 0.36-1

- change dbclear trigger to 0.35

* Thu Aug 24 2006 John Dennis <jdennis@redhat.com> - 0.35-1

- add sorting on category column and seen column in browser,
  fix reference to my_draw() in print function.
	
- make browser window hidden by default so it does not flash
  when it's first realized, connect to the "realize" signal to
  initially position the vpane, add signal handlers to track
  when the browser is visible, the presentation of the status
  icon now checks if the browser is visible, the status icon is
  not presented if the browser is already displayed.

* Thu Aug 22 2006 Dan Walsh <dwalsh@redhat.com> - 0.34-1
- Standardize on the browser. remove alert window
-  John Dennis  Changes
	* remove all vestiges of popup alert, now browser is the only
	UI game in town
	* restore the automatic updating of the browser window which had
	been a regression, the AlertClient class now emits signals which
	the GUI classes can connect to receive signals from the fault server,
	also fix the "mark seen" regression
	* browser.py: restore mark_seen timeout

* Tue Aug 22 2006 Dan Walsh <dwalsh@redhat.com> - 0.33-1
- Spell check plugins
- fix dbus instantiation

* Tue Aug 22 2006 Dan Walsh <dwalsh@redhat.com> - 0.32-1
- Add avc_syslog to syslog translated avc message
- Fix submitbug button
-  John Dennis  Changes
	* fix signature inflation, all data attached to a signature is now
	encapsulated in a SEFaultSignatureInfo (siginfo) class. The GUI no
	longer reaches into a signature looking for information, it looks
	in the siginfo. The Plugin class now defines the method
	get_signature() which report() calls to obtain the signature. The
	default signature provided by the Plugin class includes the
	analysisID, an AVC with just the src & target contexts, and the
	object_path. All data accesses and parameters which had been "sig
	and solution" are now done via the unified siginfo class. There is
	still a bit more work to be done on this but this represents a
	reasonble point to checkpoint the code in CVS.


* Tue Aug 22 2006 Dan Walsh <dwalsh@redhat.com> - 0.31-1
- Fix desktop

* Tue Aug 22 2006 John Dennis <jdennis@redhat.com> - 0.30-1
	* fix bug #203479, missing requires of audit-libs-python

	* add support to sealert to listen on a dbus session signal to display
	the gui. This is needed for when the status icon is not visible and
	the user wants to see the UI. There is now a seperate program
	setroubleshoot_launch_gui which emits the signal.
	
* Tue Aug 22 2006 Dan Walsh <dwalsh@redhat.com> - 0.29-1
- Add Requires: audit-libs-python
- Add translations

* Mon Aug 21 2006 Dan Walsh <dwalsh@redhat.com> - 0.28-1
- Fix allow_execmem.py file 
- Add translations

* Mon Aug 21 2006 John Dennis <jdennis@redhat.com> - 0.27-1
	* load_plugins() now catches exceptions when a plugin won't load,
	reports the traceback in the log file, and continues with the next
	plugin. Previously a bad plugin caused the entire plugin loading
	to abort and no plugins were loaded.
	
	* Add "daemon_name" to automake variables, change pid file to match

	* turn off "noreplace" on config file till things settle down a bit

	* browser.py now validates data, also test for missing column data in the
	cell_data function to avoid exceptions.

	* add stub for analyzie_logfile() rpc call

	* turn off balloon notifications by default in config file,
	libnotify is just plain busted at this point :-(

	* only the setroubleshootd daemon creates it's log file
	under /var/log now, the user app's do it in /tmp, change file
	permissions on /var/log/setroubleshoot back to 0644.

	* sealert now looks up the username rather than hardcoding it to "foo"
	
	* CamelCase to lowercase_underscore clean up

* Mon Aug 21 2006 Dan Walsh <dwalsh@redhat.com> - 0.26-1
- Zero out datbase.xml for updated browser

* Mon Aug 21 2006 Dan Walsh <dwalsh@redhat.com> - 0.25-1
- Fix 64 bit issue that caused runaway problem

* Sun Aug 20 2006 Dan Walsh <dwalsh@redhat.com> - 0.24-1
- add missing runcmd

* Thu Aug 17 2006 John Dennis <jdennis@redhat.com> - 0.23-1

	* fix for bug #202206, require correct version of audit,
	fixes for audit connection.

* Thu Aug 10 2006 Dan Walsh <dwalsh@redhat.com> - 0.20-1
	* add html support
	* remove setroubleshoot_dispatcher

* Tue Aug 8 2006 Dan Walsh <dwalsh@redhat.com> - 0.19-1

2006-08-08  Dan Walsh <dwalsh@redhat.com>
	* Fix up handling of mls ranges in context
	* Cleanup some pychecker errors

2006-08-07  John Dennis  <jdennis@redhat.com>
	* add first seen, last seen, and report count to alert detail view

	* make the seen icon work, if the alert has been displayed more
	than N seconds, mark the alert as having been seen by the user
	and update the icon is the list view

	* change the schema for the xml data; the database now has a version,
	there is a local id attached to each signature, the filter list in
	the siginfo was replaced by a list of per user data, the per user
	data now contains the filter, seen_flag. Modify all the code which
	was operating on the filter information to use the new model.

	* fix the xml serialization so that booleans can be used as a basic
	type and also so that non-string types can be used in element
	attributes (e.g. int, bool) and the serialization code will
	automatically convert between python types and strings.

* Mon Aug 7 2006 Dan Walsh <dwalsh@redhat.com> - 0.18-1
- Add dispatcher.py

* Sat Aug 5 2006 Dan Walsh <dwalsh@redhat.com> - 0.17-1
- John Dennis  <jdennis@redhat.com>
	* clean up and rework the timestamp code in util.py so that
	time zones are handled properly, there were a number of bugs.
	Hopefully it's correct now because timezone handling is a pain.
	
	* change the time format in the browser so all times are displayed
	identically, the friendly time relative format was hard to compare.
	
	* modify the plugin 'make install' to delete all existing plugin's
	  prior to installing the new ones

	* add popup menu to status icon to choose between browser and
	alert GUI (not fully connected yet). Several bug fixes related
	to changing the filter_type from a string to an int.
	
	* add filter selection to bottom pane, change filter_type from
	string to integer constant. Enhance how columns are handled.
	Get init_combo_box to work. Remove unused RPM and Bugzilla
	fields from bottom pane. Modify the default size of the browser
	window. Fix missing import in util.py.
	
	* add ability in broswer to sort on columns, initially the report
	count column and the last seen date column. The date column now
	stores a TimeStamp object instead of a string. Add new method
	to TimeStamp to return a friendly string relative to the current
	time. The date column in the browser now has a cell data function
	which invokes the friendly format method of the TimeStamp object.

	* add ability fo serialize to/from xml for classes which can
	inititialized from strings and serialized as strings (e.g. numbers,
	TimeStamps, etc.)
	* add count of how many times a signature is reported, the date
	when first and last reported, add columns for report count and
	last date count to browser.
	* checkpoint browser code, list pane and detail pane now working.
	* add initial support for browser applet, move some functions which
	kept getting reused to util.py
	* add reporting of environment to email alert (email alerts still
	need work)

- Dan Walsh <dwalsh@redhat.com>

	* Fix disable_trans.py set_boolean call
	* Complete all boolean plugins except disable
	* Change interface to use audit unix domain socket


* Mon Jul 28 2006 Dan Walsh <dwalsh@redhat.com> - 0.16-1
- John Dennis  <jdennis@redhat.com>
	* modify SetFilter in server to return errors instead of
	throwing an exception. Default the filter list on each alert display.
	* minor tweaks to alert queue handling
	* fix analyze() parameter list in ftp_is_daemon.py plugin
	* sealert now responds to pending alerts more correctly, it shows
	how many pending alerts are in the queue, if you filter the pending
	alert status is updated, the next alert button will advance you
	to the next alert in the queue
	* simplify major pieces of sealert by coalescing common code
	into subroutines.
- Dan Walsh <dwalsh@redhat.com>
	* Complete all boolean plugins except disable
	* Make Close button work.
	* Make setroubleshoot_dispatcher exit if it gets an avc about itself

* Mon Jul 26 2006 Dan Walsh <dwalsh@redhat.com> - 0.15-1
-  Karl MacMillan 
	* Add generic templating mechanism to Plugin
	* Ported all plugins to use templating mechanism

* Sat Jul 22 2006 Dan Walsh <dwalsh@redhat.com> - 0.13-1
- Fixes to plugins
- Fixes to dispatcher

* Fri Jul 21 2006 Dan Walsh <dwalsh@redhat.com> - 0.12-1
	* Fix problem in dispatcher

* Fri Jul 21 2006 John Dennis <jdennis@redhat.com> - 0.11-1 
	* add email alerts
	* stop the status icon from blinking, add notification balloon.

* Fri Jul 21 2006 Dan Walsh <dwalsh@redhat.com> - 0.10-1
- Fix startup order for setrobleshoot
- Fix Plugins

* Tue Jul 20 2006 Dan Walsh <dwalsh@redhat.com> - 0.9-1
- Additional Plugins plus a lot of cleanup 

* Mon Jul 19 2006 Dan Walsh <dwalsh@redhat.com> - 0.8-1
- Added a bunch more plugins
- From 2006-07-19  Karl MacMillan  <kmacmill@localhost.localdomain>
- Add allow_cvs_read_shadow.py, allow_ftp_use_cifs, allow_ftp_use_nfs, and allow_gssd_read_tmp.
- Change AVC to have additional helpers for matching messages.
- Change Plugin to work better with more than one solution.

* Mon Jul 19 2006 Dan Walsh <dwalsh@redhat.com> - 0.7-1
- Fix setroubleshoot_dispatcher to catch all information from avc.  Much cleaner interface and no longer uses audit2allow cruft.
- Remove toolbar from popup window since it did nothing, and I think it looks better without it.
- fix allow_execmod plugin to report better data.



* Mon Jun 26 2006 John Dennis <jdennis@redhat.com> - 0.3-1
- add missing /var/log directory %files section in spec file, and add
  logrotate script

* Mon Jun 26 2006 John Dennis <jdennis@redhat.com> - 0.2-1
- clean up spec file, reduce rpmlint complaints

* Fri May 19 2006 John Dennis <jdennis@redhat.com> - 0.1-1
- Initial build.