On Tue, Feb 12, 2008 at 3:52 PM, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Valent Turkovic wrote: > > > On Feb 9, 2008 6:36 PM, Rahul Sundaram <sundaram@xxxxxxxxxxxxxxxxx> wrote: > >> Valent Turkovic wrote: > >> > >>> Ok, so my system is still protected but I can't see the issues what > >>> happen becuase sel troubleshooter service crashes? > >>> To be honesti I prefer it this way :) > >> You can still see the issues in the logs. SELinux troubleshooter parses > >> the AVC denied messages from the logs that are usually cryptic and > >> attempts to convert them into a language that end users can more easily > >> understand while attempting to also provide suggestions on actions to > >> take. If you don't want that, you might as well as just remove the package. > >> > >> > >> Rahul > > > > I was joking a bit :) I like selinux-troubleshooter features. > > > > I was thinking of danger googles from Hitchikers guide to galaxy which > > in case od danger close their lids so you can't see the danges and are > > there for protected from it :) I draw a paralel to sel trobleshooter > > crashing :) > > > > Valent. > > > > grep setroubleshoot /var/log/audit/audit.log > > The setroubleshooter has nothing to do with SELinux protections. It job > is to watch for SELinux errors (avc's in /var/log/audit/audit.log), and > then to try to translate them into actions that the user can execute. > > The problem is if it sees an AVC about itself, it can try to act on it, > which might generate an AVC on itself, which it can act on, which might > generate and AVC on itself ... > > So we have it commit suicide when it sees avc's on itself. > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (GNU/Linux) > Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org > > iEYEARECAAYFAkexssgACgkQrlYvE4MpobNrgACgpdr7Bjll9OhfkOLK0IbYdgiK > /BcAnj14frbBSAbCeQleBVUuo+s0k497 > =Wv0t > -----END PGP SIGNATURE----- > > > > -- > fedora-list mailing list > fedora-list@xxxxxxxxxx > To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list > # grep setroubleshoot /var/log/audit/audit.log type=AVC msg=audit(1201571149.355:42): avc: denied { getattr } for pid=2274 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1201571149.355:42): arch=40000003 syscall=229 success=yes exit=33 a0=97802b4 a1=ae3723 a2=96b8730 a3=ff items=0 ppid=1 pid=2274 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1201684153.540:51): avc: denied { getattr } for pid=2154 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1201684153.540:51): arch=40000003 syscall=229 success=yes exit=33 a0=953a2b4 a1=ae3723 a2=9478498 a3=ff items=0 ppid=1 pid=2154 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1201769937.821:56): avc: denied { getattr } for pid=2171 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1201769937.821:56): arch=40000003 syscall=229 success=yes exit=33 a0=9dce2b4 a1=ae3723 a2=9d052f0 a3=ff items=0 ppid=1 pid=2171 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1201950125.291:41): avc: denied { getattr } for pid=2155 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1201950125.291:41): arch=40000003 syscall=229 success=yes exit=33 a0=9b3f2b4 a1=ae3723 a2=99e4d18 a3=ff items=0 ppid=1 pid=2155 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202037784.731:45): avc: denied { getattr } for pid=2241 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1202037784.731:45): arch=40000003 syscall=229 success=yes exit=33 a0=a3012b4 a1=ae3723 a2=a2332b8 a3=ff items=0 ppid=1 pid=2241 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202147108.451:56): avc: denied { getattr } for pid=3725 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=unconfined_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1202147108.451:56): arch=40000003 syscall=229 success=yes exit=33 a0=8ad22b4 a1=ae3723 a2=8a10a60 a3=ff items=0 ppid=1 pid=3725 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=unconfined_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202232271.895:45): avc: denied { read } for pid=2089 comm="setroubleshootd" name="depcomp" dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202232271.895:45): arch=40000003 syscall=229 success=yes exit=27 a0=88d18f4 a1=ae3723 a2=87ec208 a3=ff items=0 ppid=1 pid=2089 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202232271.932:46): avc: denied { getattr } for pid=2089 comm="setroubleshootd" path=2F766964656F2F305F72656D6F76652064726D2F467265654D65322F646570636F6D70 dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202232271.932:46): arch=40000003 syscall=196 success=yes exit=0 a0=87c5548 a1=b7a79748 a2=d33ff4 a3=873bbd0 items=0 ppid=1 pid=2089 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202342788.922:91): avc: denied { read } for pid=2106 comm="setroubleshootd" name="depcomp" dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202342788.922:91): arch=40000003 syscall=229 success=yes exit=27 a0=946b8f4 a1=ae3723 a2=937b5e8 a3=ff items=0 ppid=1 pid=2106 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202342788.937:92): avc: denied { getattr } for pid=2106 comm="setroubleshootd" path=2F766964656F2F305F72656D6F76652064726D2F467265654D65322F646570636F6D70 dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202342788.937:92): arch=40000003 syscall=196 success=yes exit=0 a0=92e01f0 a1=b79de748 a2=d33ff4 a3=92d5bd0 items=0 ppid=1 pid=2106 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202378035.603:44): avc: denied { getattr } for pid=2177 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1202378035.603:44): arch=40000003 syscall=229 success=yes exit=33 a0=a01b2b4 a1=ae3723 a2=9f4d2b8 a3=ff items=0 ppid=1 pid=2177 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202462227.385:51): avc: denied { read } for pid=2195 comm="setroubleshootd" name="depcomp" dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202462227.385:51): arch=40000003 syscall=229 success=yes exit=27 a0=b7a46974 a1=ae3723 a2=b650c270 a3=ff items=0 ppid=1 pid=2195 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202462227.439:52): avc: denied { getattr } for pid=2195 comm="setroubleshootd" path=2F766964656F2F305F72656D6F76652064726D2F467265654D65322F646570636F6D70 dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202462227.439:52): arch=40000003 syscall=196 success=yes exit=0 a0=b6505120 a1=b7a1d748 a2=d33ff4 a3=9e6d360 items=0 ppid=1 pid=2195 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202556462.177:81): avc: denied { getattr } for pid=2127 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1202556462.177:81): arch=40000003 syscall=229 success=yes exit=33 a0=b7a06cb4 a1=ae3723 a2=95475a8 a3=ff items=0 ppid=1 pid=2127 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202721977.249:48): avc: denied { read } for pid=2110 comm="setroubleshootd" name="depcomp" dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202721977.249:48): arch=40000003 syscall=229 success=yes exit=27 a0=8ac9974 a1=ae3723 a2=8b179d0 a3=ff items=0 ppid=1 pid=2110 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202721977.303:49): avc: denied { getattr } for pid=2110 comm="setroubleshootd" path=2F766964656F2F305F72656D6F76652064726D2F467265654D65322F646570636F6D70 dev=sda12 ino=367 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=lnk_file type=SYSCALL msg=audit(1202721977.303:49): arch=40000003 syscall=196 success=yes exit=0 a0=8afb840 a1=b7a53748 a2=d33ff4 a3=8a808f0 items=0 ppid=1 pid=2110 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202809095.070:50): avc: denied { getattr } for pid=2068 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1202809095.070:50): arch=40000003 syscall=229 success=yes exit=33 a0=8d9ccb4 a1=ae3723 a2=8e97d70 a3=ff items=0 ppid=1 pid=2068 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1202894992.290:50): avc: denied { getattr } for pid=2029 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1202894992.290:50): arch=40000003 syscall=229 success=yes exit=33 a0=9891cb4 a1=ae3723 a2=99795a0 a3=ff items=0 ppid=1 pid=2029 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) type=AVC msg=audit(1203067253.246:63): avc: denied { getattr } for pid=2026 comm="setroubleshootd" name="static.youtube.com_yt_img_pic_blue_top_300x400-vfl30243.gif_13d6cdb2" dev=sda6 ino=608020 scontext=system_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:unlabeled_t:s0 tclass=file type=SYSCALL msg=audit(1203067253.246:63): arch=40000003 syscall=229 success=yes exit=33 a0=8e34cb4 a1=ae3723 a2=8f2ff18 a3=ff items=0 ppid=1 pid=2026 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="setroubleshootd" exe="/usr/bin/python" subj=system_u:system_r:setroubleshootd_t:s0 key=(null) -- http://kernelreloaded.blog385.com/ linux, blog, anime, spirituality, windsurf, wireless registered as user #367004 with the Linux Counter, http://counter.li.org. ICQ: 2125241, Skype: valent.turkovic
