Comment 28 for bug 372304

Revision history for this message
In , Arthur (arthur-redhat-bugs) wrote :

OK - Here's the odd thing...

I have (or I should say had) the yum rpm package of F2B installed on my F11 system. This required a slew of selinux local policies to work - and even more after the update.

To do my testing of the bugfixes by Buanzo and Cyril I created a F11 vmware virtual machine because I didn't want to risk tinkering with my production box. I used the tarball that they released and it all worked fine inside the VM. After posting my message above about the selinux problem it occurred to me that I had selinux in the default Enforcing mode in the VM and I had no problems. I certainly did not need to create any local selinux policies.

Now that v.0.8.4 is available I decided to to wait for you to package it but use the tarball instead.

I uninstalled v.0.8.3 with "yum erase fail2ban" and then I removed my local selinux policy (semodule -r myfail2ban). I installed F2B v.0.8.4 from the tarball and, running with the same init.d script, using the same logfile and the same socket, the same configuration files and the same jail definitions, writing to the same syslog and sending alert emails to the same user - I get *NO* selinux avcs! None. Not one...

I don't pretend to understand this (I thought the rpm simply placed the same python scripts in the same places as the tarball install?) but I have to say I won't be returning to the rpm any time soon!

I am interested to hear if anyone else has a similar experience - or is it just my system that's screwy?

Thanks for all the effort that everyone puts into this project. Much appreciated...

Mark