setroubleshootd not running

Daniel J Walsh dwalsh at redhat.com
Wed Apr 21 13:02:29 UTC 2010 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/21/2010 02:34 AM, Robert Nichols wrote:
> What, in the hopelessly complex chain of process startups, is supposed
> to start
> setroubleshootd?  

setroubleshootd is now a dbus service.  It is supposed to be started
when and AVC arrives or you start the sealert browser.  It dies 10
seconds after the last connection/AVC arrival.

This link describes how it is supposed to work.
http://danwalsh.livejournal.com/28828.html

Sounds like you might have found a bug in setroubleshoot.
Setroubleshoot will also command suicide if the avc is about itself.

I find it is either not getting started or silently
> dieing on
> my Fedora 12 system.  I find I've been getting a bunch of AVCs logged,
> with no
> alert of course, and no way to get those AVCs translated with
> human-readable
> timestamps so that I have the slightest chance of correlating those with
> anything else going on in the system.  ("sealert -a
> /var/log/audit/audit.log" just dies with "NameError: global name 'avc'
> is not defined".)
> 
You can see the AVC's via ausearch.

ausearch -m avc -ts recent

To show recent avc's

ausearch -m avc -ts today

To show todays AVCs
> The manpage for sealert mentions a GUI browser.  That must have been in
> somebody's wet dream, because there is no such thing.  Regardless of how
> sealert is started, the GUI menu discussed in the manpage does not exist.
> 
Applications/System Tools/SELinux Troubleshooter
sealert -b
will launch the browser.

man sealert
...
       -b --browser
              Launch the browser


If the browser is blowing up you could just execute
sealert -S

And see if it is throwing an exception.
> Again, SElinux turns out to be a bigger pain than anything it is supposedly
> protecting against.
> 
> 
> 
> --
> selinux mailing list
> selinux at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux


Send me the output of ausearch -m avc -ts today and I will see what is
going on.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkvO92UACgkQrlYvE4MpobMYugCdFbkoBTpQ+Gsj1CzthajFNScj
oqUAnR6+YduCL9XVtp3Eo6XXw/WPPuZH
=WC0x
-----END PGP SIGNATURE-----

More information about the selinux mailing list