Hi all! I don't religiously follow everything that pops up in the selinux alerts, but now and then I go back and look at some of them. (I'm on an up to date Centos-7). Today I noted an error that seems to occur during a weekly raid check, from /etc/cron.d. the selinux alert is: SELinux is preventing /usr/sbin/mdadm from write access on the file /var/log/rear/rear-fcshome.log.lockless. so I go look at that file and find that it contains, down in the middle of commands run, a series of errors: 2017-02-19 01:30:03 Relax-and-Recover 1.17.2 / Git 2017-02-19 01:30:03 Command line options: /usr/sbin/rear checklayout 2017-02-19 01:30:03 Including /etc/rear/os.conf 2017-02-19 01:30:03 Including conf/Linux-i386.conf 2017-02-19 01:30:03 Including conf/GNU/Linux.conf 2017-02-19 01:30:04 Including /etc/rear/local.conf 2017-02-19 01:30:04 Running 'init' stage 2017-02-19 01:30:04 Including init/default/01_set_drlm_env.sh 2017-02-19 01:30:04 Finished running 'init' stage in 0 seconds 2017-02-19 01:30:04 Using build area '/tmp/rear.oaWHSvnwNFddStm' 2017-02-19 01:30:04 Running checklayout workflow 2017-02-19 01:30:04 Running 'layout/precompare' stage 2017-02-19 01:30:04 Including layout/precompare/default/11_check_layout_file.sh 2017-02-19 01:30:04 Finished running 'layout/precompare' stage in 0 seconds 2017-02-19 01:30:04 Running 'layout/save' stage 2017-02-19 01:30:04 Including layout/save/GNU/Linux/10_create_layout_file.sh 2017-02-19 01:30:04 Creating disk layout 2017-02-19 01:30:04 Preparing layout directory. 2017-02-19 01:30:04 Including layout/save/GNU/Linux/15_save_diskbyid_mappings.sh 2017-02-19 01:30:05 Saved diskbyid_mappings 2017-02-19 01:30:05 Including layout/save/GNU/Linux/20_partition_layout.sh 2017-02-19 01:30:06 Saving disk partitions. 2017-02-19 01:30:08 Including layout/save/GNU/Linux/21_raid_layout.sh 2017-02-19 01:30:08 Saving Software RAID configuration. /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 44: let: sparedevices=-: syntax error: operand expected (error token is "-") /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 65: [: : integer expression expected /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 44: let: sparedevices=-: syntax error: operand expected (error token is "-") /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 65: [: : integer expression expected /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 44: let: sparedevices=-: syntax error: operand expected (error token is "-") /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 65: [: : integer expression expected /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 44: let: sparedevices=-: syntax error: operand expected (error token is "-") /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh: line 65: [: : integer expression expected 2017-02-19 01:30:09 Including layout/save/GNU/Linux/22_lvm_layout.sh 2017-02-19 01:30:09 Saving LVM layout. 2017-02-19 01:30:11 Including layout/save/GNU/Linux/23_filesystem_layout.sh 2017-02-19 01:30:11 Begin saving filesystem layout 2017-02-19 01:30:11 Saving filesystem layout (using the findmnt command). 2017-02-19 01:30:16 End saving filesystem layout 2017-02-19 01:30:16 Including layout/save/GNU/Linux/24_swaps_layout.sh 2017-02-19 01:30:16 Saving Swap information. 2017-02-19 01:30:16 Including layout/save/GNU/Linux/25_drbd_layout.sh 2017-02-19 01:30:16 Including layout/save/GNU/Linux/26_crypt_layout.sh 2017-02-19 01:30:16 Saving Encrypted volumes. 2017-02-19 01:30:16 Device Mapper name No not found in /dev/mapper. 2017-02-19 01:30:16 Including layout/save/GNU/Linux/27_hpraid_layout.sh 2017-02-19 01:30:16 Including layout/save/GNU/Linux/28_multipath_layout.sh 2017-02-19 01:30:16 Did not find multipath device No in the expected location. 2017-02-19 01:30:16 Including layout/save/default/30_list_dependencies.sh 2017-02-19 01:30:16 Including layout/save/default/31_autoexclude_usb.sh 2017-02-19 01:30:16 Including layout/save/default/31_include_exclude.sh 2017-02-19 01:30:16 Including layout/save/default/32_autoexclude.sh 2017-02-19 01:30:17 Disk /dev/sdb is not used by any mounted filesystem. Excluding. 2017-02-19 01:30:17 Disk /dev/sdc is not used by any mounted filesystem. Excluding. 2017-02-19 01:30:17 Including layout/save/default/33_remove_exclusions.sh 2017-02-19 01:30:17 Including layout/save/GNU/Linux/34_false_blacklisted.sh 2017-02-19 01:30:18 Including layout/save/default/34_generate_mountpoint_device.sh 2017-02-19 01:30:18 Including layout/save/GNU/Linux/35_copy_drbdtab.sh 2017-02-19 01:30:18 Including layout/save/default/40_check_backup_special_files.sh 2017-02-19 01:30:18 Including layout/save/default/45_check_bootloader_files.sh 2017-02-19 01:30:18 Including layout/save/default/45_check_network_files.sh 2017-02-19 01:30:18 Including layout/save/GNU/Linux/50_extract_vgcfg.sh 2017-02-19 01:30:18 Including layout/save/GNU/Linux/51_current_disk_usage.sh 2017-02-19 01:30:19 Including layout/save/default/60_snapshot_files.sh 2017-02-19 01:30:19 Finished running 'layout/save' stage in 15 seconds 2017-02-19 01:30:19 Running 'layout/compare' stage 2017-02-19 01:30:19 Including layout/compare/default/50_compare_layout.sh 2017-02-19 01:30:19 Disk layout is identical. 2017-02-19 01:30:19 Including layout/compare/default/51_compare_files.sh 2017-02-19 01:30:20 Finished running 'layout/compare' stage in 1 seconds 2017-02-19 01:30:20 Finished running checklayout workflow 2017-02-19 01:30:20 Running exit tasks. 2017-02-19 01:30:20 Finished in 18 seconds 2017-02-19 01:30:20 Removing build area /tmp/rear.oaWHSvnwNFddStm 2017-02-19 01:30:20 End of program reached selinux says it prevent writes to this file. but the file was clearly written to! Is selinux stupid enough to mistake shell errors as a failure to write? Also, in trying to figure out what those errors mean, I looked at the file specified in the errors, /usr/share/rear/layout/save/GNU/Linux/21_raid_layout.sh, where I find line 44 and a couple above it read: ndevices=$( grep "Raid Devices" $TMP_DIR/mdraid | tr -d " " | cut -d ":" -f "2") totaldevices=$( grep "Total Devices" $TMP_DIR/mdraid | tr -d " " | cut -d ":" -f "2") let sparedevices=$totaldevices-$ndevices it appears that "ndevices" and "totaldevices" are both empty (not zero, but empty) because the error report above says "-" isn't valid, which would happen if those two variables were unpopulated. At this point I haven't yet found out where those values come from... (more to the point, I haven't yet figured out where TMP_DIR comes from) If any of you know more than I (I've never seen this code before) I'd appreciate a pointer, but I'll keep looking too. In the meantime, my software raid seems to keep chugging along. thanks in advance! Fred -- ---- Fred Smith -- fredex@xxxxxxxxxxxxxxxxxxxxxx ---------------------------- Do you not know? Have you not heard? The LORD is the everlasting God, the Creator of the ends of the earth. He will not grow tired or weary, and his understanding no one can fathom. ----------------------------- Isaiah 40:28 (niv) ----------------------------- _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx https://lists.centos.org/mailman/listinfo/centos