December 8th, 2011

Why isn't setroubleshoot working in Fedora 16?

Well if you did a fresh install it does work.  But if you did an upgrade install from an older Fedora you have a problem.

setroubleshootd is a dbus service launched by the audit daemon.    In Fedora 16 all daemons that were running under as System V init scripts and were converted to systemd, no longer are started by default.  Meaning the auditd daemon is probably no longer running on your machines.  You might notice AVC messages showing up in /var/log/messages, rather then /var/log/audit/audit.log.

It is simple to fix this problem by executing

# systemctl enable auditd.service
# systemctl start auditd.service

This will re-enable the auditd daemon and your setroubleshoot daemon should start working again.  If you get any AVC messages, they will start showing up in the /var/log/audit/audit.log.