On 8/8/06, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
> Tom London wrote:
> > I tried relabeling everything in /usr/share/setroubleshoot to lib_t
> > and restarting setroubleshoot service. Now get:
> >
> > type=AVC msg=audit(1155049018.305:33): avc: denied { write } for
> > pid=4347 comm="python" name="auditd_sock" dev=dm-0 ino=2785383
> > scontext=user_u:system_r:setroubleshootd_t:s0
> > tcontext=system_u:object_r:auditd_var_run_t:s0 tclass=sock_file
> > type=SYSCALL msg=audit(1155049018.305:33): arch=40000003 syscall=102
> > success=no exit=-13 a0=3 a1=bf9ce780 a2=2db118 a3=0 items=0 ppid=1
> > pid=4347 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
> > fsgid=0 tty=(none) comm="python" exe="/usr/bin/python"
> > subj=user_u:system_r:setroubleshootd_t:s0 key=(null)
> >
> > tom
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list@xxxxxxxxxx
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
>
> Could you try to update to the policy available on
> ftp://people.redhat.com:dwalsh/SELinux/Fedora

No joy. Get this on the update:

(1/2): selinux-policy-2.3 100% |=========================| 291 kB 00:00
(2/2): selinux-policy-tar 100% |=========================| 648 kB 00:02
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating : selinux-policy ######################### [1/4]
  Updating : selinux-policy-targeted ######################### [2/4]
libsemanage.semanage_install_active: Could not copy /etc/selinux/targeted/modules/active/netfilter_contexts to /etc/selinux/targeted/contexts/netfilter_contexts.
libsemanage.semanage_install_active: Could not copy /etc/selinux/targeted/modules/active/netfilter_contexts to /etc/selinux/targeted/contexts/netfilter_contexts.
semodule: Failed!
  Cleanup : selinux-policy ######################### [3/4]
  Cleanup : selinux-policy-targeted ######################### [4/4]

Updated: selinux-policy.noarch 0:2.3.5-1 selinux-policy-targeted.noarch 0:2.3.5-1
Complete!

And get this on 'service setroubleshoot start':

type=AVC msg=audit(1155053599.312:40): avc: denied { getattr } for pid=3687 comm="python" name="__init__.py" dev=dm-0 ino=8589037 scontext=user_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file
type=SYSCALL msg=audit(1155053599.312:40): arch=40000003 syscall=195 success=no exit=-13 a0=bf899217 a1=bf898d04 a2=8e4ff4 a3=21 items=0 ppid=3686 pid=3687 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=user_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1155053599.312:40): path="/usr/share/setroubleshoot/plugins/__init__.py"
type=AVC msg=audit(1155053599.312:41): avc: denied { getattr } for pid=3687 comm="python" name="__init__.pyc" dev=dm-0 ino=8587951 scontext=user_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:usr_t:s0 tclass=file
type=SYSCALL msg=audit(1155053599.312:41): arch=40000003 syscall=195 success=no exit=-13 a0=bf899217 a1=bf898d04 a2=8e4ff4 a3=21 items=0 ppid=3686 pid=3687 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=user_u:system_r:setroubleshootd_t:s0 key=(null)
type=AVC_PATH msg=audit(1155053599.312:41): path="/usr/share/setroubleshoot/plugins/__init__.pyc"

'chcon -t lib_t /usr/share/setroubleshoot/plugin/*' followed by 'service setroubleshoot start' results in the same:

type=AVC msg=audit(1155053762.417:42): avc: denied { write } for pid=3760 comm="python" name="auditd_sock" dev=dm-0 ino=2785383 scontext=user_u:system_r:setroubleshootd_t:s0 tcontext=system_u:object_r:auditd_var_run_t:s0 tclass=sock_file
type=SYSCALL msg=audit(1155053762.417:42): arch=40000003 syscall=102 success=no exit=-13 a0=3 a1=bfab15f0 a2=26a118 a3=0 items=0 ppid=3759 pid=3760 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="python" exe="/usr/bin/python" subj=user_u:system_r:setroubleshootd_t:s0 key=(null)

tom
--
Tom London

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list