Dan, The issue persists even after touch/.autorelabel reboot Also checked setroubleshoot before and after reboot, and it is labeled >>ls -Z setroubleshoot -rwxr-xr-x root root system_u:object_r:initrc_exec_t setroubleshoot Thanks, Radha. -----Original Message----- From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] Sent: Tuesday, August 31, 2010 8:42 AM To: Radha Venkatesh (radvenka) Cc: fedora-selinux-list@xxxxxxxxxx Subject: Re: setroubleshootd dead but pid file exists -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/31/2010 11:38 AM, Radha Venkatesh (radvenka) wrote: > > Dan, > > Yes, we are seeing setroubleshoot related avc messages. Attached is > the output of "ausearch -m avc | grep setroubleshoot". > > Thanks, > Radha. > > > -----Original Message----- > From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] > Sent: Tuesday, August 31, 2010 8:24 AM > To: Radha Venkatesh (radvenka) > Cc: fedora-selinux-list@xxxxxxxxxx > Subject: Re: setroubleshootd dead but pid file exists > > On 08/31/2010 11:17 AM, Radha Venkatesh (radvenka) wrote: >> Hi, > >> The problem we face is > >>>> service setroubleshoot status >> setroubleshootd dead but pid file exists > >> We are running into Bug 480432 >> <https://bugzilla.redhat.com/show_bug.cgi?id=480432> - >> setroubleshootd killed - apparently by selinux on our system. The >> kernel we are running on is 2.6.18-194.el5PAE and the selinux, >> setroubleshoot rpms being used are > >> libselinux-1.33.4-5.5.el5 >> selinux-policy-strict-2.4.6-279.el5 >> platform-selinux-2.0.0.0-1 >> cm-selinux-2.0.0.0-0 >> libselinux-python-1.33.4-5.5.el5 >> libselinux-utils-1.33.4-5.5.el5 >> selinux-policy-2.4.6-279.el5 > >> setroubleshoot-server-2.0.5-5.el5 >> setroubleshoot-plugins-2.0.4-2.el5 > >> Is there a workaround for the above issue, if we cannot go to the >> latest kernel? > >> Thanks, >> Radha. > > > > > > > >> -- >> selinux mailing list >> selinux@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/selinux > Are you seeing an AVC about setroubleshoot? > > ausearch -m avc -ts recent > > > Or ausearch -m avc | grep setroubleshoot > Well you have setroubleshoot running as sshd_t? I think you have a badly mislabeled system touch /.autorelabel; reboot And see if things start to work correctly. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkx9ItMACgkQrlYvE4MpobN91QCg52hYDUwPHXeVuMsvlBkBMF8d 7wEAn0lkY1dbtIQO/SF3/XeC7UQhkiPa =eMjP -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
