[access] # fix_cmd_users: Comma-separated list of users allowed to run the fix # commands with root privileges. Members of this list can execute the fix # commands specified in any alert. The command is executed with root # privileges so you should be very caeful who you add to this list as you are # granting them significant power to alter the security settings of this # system. The wildcard '*' is NOT allowed. fix_cmd_users = root # client_users: Comma-separated list of users allowed to run the client and # connect to the local fault server and therefore see security denials. Also # accepts '*' to allow all users to connect. client_users = * [alert] # use_notification: Control balloon notification. Possible values: # always,never,browser_hidden "always" will always display the notification. # "never" disables notification completely. "browser_hidden" displays the # notification but only if the alert browser is not visible. Note: individual # alerts can be flagged as silent disabling notification for a specific alert, # this parameter does not override that. use_notification = always [audit] # binary_protocol_socket_path: unix domain socket used to listen for audit # messages (binary audit protocol) binary_protocol_socket_path = /var/run/audit_events # retry_interval: number of seconds to wait before trying to connect to audit # socket again in the event of socket failure retry_interval = 60 # text_protocol_socket_path: unix domain socket used to listen for audit # messages (textural audit protocol) text_protocol_socket_path = /var/run/audispd_events [client_connect_to] # path: No Description Available path = /var/run/setroubleshoot/setroubleshoot_server # address_list: List of socket addresses server should listen on for client # connections. Addresses should not contain any whitespace. Each address is of # the form "[{family}]address[:port]" where [] indicates the value is # optional. Valid values for family are inet or unix, if the family is absent # it defaults to inet. If the family is unix the address is interpreted as a # file path. If the family is inet the address is interpreted as either a host # name or IP address. As a special case if the inet address is "hostname" the # current hostname will be substituted. If the family is inet the address may # optionally be followed by a colon (:) and a port number. If the port number # is absent in the address it defaults to the port specified in this config # section. Example, to listen on the local unix domain socket and provide # remote connections use this "{unix}%(path)s, hostname" address_list = {unix}%(path)s hostname [connection] # default_port: No Description Available default_port = 69783 [database] # database_dir: No Description Available database_dir = /var/lib/setroubleshoot # max_alert_age: Purge any alerts whose age based on it's last seen date # exceeds this threshold. Age may be specified as a sequence of integer unit # pairs. Units may be one of year,month,week,day,hour,minute,second and may # optionally be plural. Example: '2 weeks 1 day' sets the threshold at 15 # days. An empty string implies no limit max_alert_age = # max_alerts: Keep no more than this many alerts in the database. Oldest # alerts based on the alert's last seen date will be purged first. Zero # implies no limit max_alerts = 50 # filename: No Description Available filename = setroubleshoot [email] # recipients_filepath: Path name of file with email recipients. One address # per line, optionally followed by enable flag. Comment character is #. recipients_filepath = /var/lib/setroubleshoot/email_alert_recipients # smtp_port: The SMTP server port smtp_port = 25 # smtp_host: The SMTP server address smtp_host = localhost # from_address: The From: email header from_address = SELinux_Troubleshoot # subject: The Subject: email header subject = SELinux AVC Alert [fix_cmd] # run_fix_cmd_enable: Permit running fix commands run_fix_cmd_enable = False [general] # project_url: URL of project website project_url = http://hosted.fedoraproject.org/projects/setroubleshoot # use_auparse: No Description Available use_auparse = False # pid_file: No Description Available pid_file = /var/run/setroubleshootd.pid [help] # bug_report_url: URL used to report bugs bug_report_url = http://bugzilla.redhat.com/bugzilla/enter_bug.cgi # help_url: URL to user help information help_url = http://hosted.fedoraproject.org/projects/setroubleshoot/wiki/SETroubleShoot%%20User%%20FAQ [helper_apps] # web_browser_launcher: Helper application to launch web browser on a URL web_browser_launcher = /usr/bin/xdg-open [listen_for_client] # path: No Description Available path = /var/run/setroubleshoot/setroubleshoot_server # address_list: List of socket addresses server should listen on for client # connections. Addresses should not contain any whitespace. Each address is of # the form "[{family}]address[:port]" where [] indicates the value is # optional. Valid values for family are inet or unix, if the family is absent # it defaults to inet. If the family is unix the address is interpreted as a # file path. If the family is inet the address is interpreted as either a host # name or IP address. As a special case if the inet address is "hostname" the # current hostname will be substituted. If the family is inet the address may # optionally be followed by a colon (:) and a port number. If the port number # is absent in the address it defaults to the port specified in this config # section. Example, to listen on the local unix domain socket and provide # remote connections use this "{unix}%(path)s, hostname" address_list = {unix}%(path)s [plugins] # plugin_dir: No Description Available plugin_dir = /usr/share/setroubleshoot/plugins [sealert_log] # profile: True|False, gather statistics profile = False # console: True|False, also log to the console console = False # format: No Description Available format = %(asctime)s [%(name)s.%(levelname)s] %(message)s # level: Global logging level. Levels are the same as in the python logging # module, but are case insenstive. The level may also be specified as an # integer. The defined levels in severity order are:[CRITICAL, ERROR, WARNING, # INFO, DEBUG] level = warning # filename: No Description Available filename = # filemode: should be "w" or "a" for write or append respectively filemode = a # categories: Comma seperated list of logging categories. Each categories may # optionally be followed by a colon(:) and a logging level, which either may # be one of the symbolic levels or numeric, e.g. ipc:info. If no level is # defined the default level is used. If the category name is preceded by a # tilde (~) the category is not logged at all. The list of available # categories is: [rpc, xml, cfg, alert, sig, plugin, avc, email, gui, # gui_data, program, database, server, dbus, stats, communication, subprocess] categories = [setroubleshootd_log] # profile: True|False, gather statistics profile = False # console: True|False, also log to the console console = False # format: No Description Available format = %(asctime)s [%(name)s.%(levelname)s] %(message)s # level: Global logging level. Levels are the same as in the python logging # module, but are case insenstive. The level may also be specified as an # integer. The defined levels in severity order are:[CRITICAL, ERROR, WARNING, # INFO, DEBUG] level = warning # filename: No Description Available filename = /var/log/setroubleshoot/setroubleshootd.log # filemode: should be "w" or "a" for write or append respectively filemode = w # categories: Comma seperated list of logging categories. Each categories may # optionally be followed by a colon(:) and a logging level, which either may # be one of the symbolic levels or numeric, e.g. ipc:info. If no level is # defined the default level is used. If the category name is preceded by a # tilde (~) the category is not logged at all. The list of available # categories is: [rpc, xml, cfg, alert, sig, plugin, avc, email, gui, # gui_data, program, database, server, dbus, stats, communication, subprocess] categories =