On 2/3/20 10:02 PM, Samuel Sieb wrote:
On 2/3/20 6:59 PM, sean darcy wrote:
syslog has this every 10 seconds:
audit[1039229]: AVC avc: denied { read } for pid=1039229 comm="rpm"
name="Providename" dev="dm-1" ino=2622531
scontext=system_u:system_r:setroubleshootd_t:s0
tcontext=unconfined_u:object_r:var_lib_t:s0 tclass=file permissive=0
setroubleshootd[1036631]: error: cannot open Name index using db5 -
Permission denied (13)
setroubleshootd[1036631]: error: cannot open Basenames index using db5
- Permission denied (13)
setroubleshootd[1036631]: error: cannot open Providename index using
db5 - Permission denied (13)
I've run restorecon -r /var/lib/rpm , but still no joy.
Any suggestions?
That's a problem with setroubleshootd, not rpm. What user is it running
under? Check that process.
_______________________________________________
How would I find that out ?
# ps aux | grep setroubleshootd
root 1247827 0.0 0.0 112564 896 pts/0 S+ 10:41 0:00 grep
--color=auto setroubleshootd
# ps aux | grep sealert
root 1250561 0.0 0.0 112432 896 pts/0 S+ 10:49 0:00 grep
--color=auto sealert
#
From the setroubleshootd man page:
setroubleshootd is a system daemon which runs under setroubleshoot user
and listens for audit events emitted from the kernel related to
SELinux.
Not very helpful, but it doesn't seem there's any daemon running.
sean
_______________________________________________
users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
