Bug 1004553

Summary: setroubleshoot not sending email
Product: [Fedora] Fedora
Reporter: James Withers (Audere Commerce) <james.withers>
Component: setroubleshoot
Assignee: Daniel Walsh <dwalsh>
Status: CLOSED ERRATA
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium
Priority: unspecified
Version: 19
CC: dwalsh, james.withers, mgrepl, tim
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Fixed In Version: setroubleshoot-3.2.10-2.fc19
Doc Type: Bug Fix
Last Closed: 2013-09-12 01:58:19 UTC
Type: Bug

Description James Withers (Audere Commerce) 2013-09-04 22:32:20 UTC
Description of problem: setroubleshoot-server is not sending e-mails, despite /var/lib/setroubleshoot/email_alert_recipients containing "jamesw.withers", and postfix working (verified using sendmail command).


Version-Release number of selected component (if applicable): setroubleshoot-server-3.2.10-1.fc19.x86_64


How reproducible: Every time


Steps to Reproduce:
1. Generate SELinux Denial by setting Port 222 in /etc/ssh/sshd_config and restarting sshd.

Actual results:

# tail -f /var/log/audit/audit.log
type=SERVICE_STOP msg=audit(1378333123.989:114): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-logind" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1378333124.000:115): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-logind" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1378333146.109:116): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="sshd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1378333146.127:117): avc:  denied  { name_bind } for  pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1378333146.127:117): arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7f6ce09081b0 a2=10 a3=7fffed8b7ed0 items=0 ppid=1 pid=883 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1378333146.131:118): avc:  denied  { name_bind } for  pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1378333146.131:118): arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7f6ce0908150 a2=1c a3=7fffed8b7e54 items=0 ppid=1 pid=883 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=CRYPTO_KEY_USER msg=audit(1378333146.134:119): pid=883 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=58:b0:73:c8:e7:70:dc:97:04:5a:e7:e7:49:db:fa:60 direction=? spid=883 suid=0  exe="/usr/sbin/sshd" hostname=? addr=UNKNOWN terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1378333146.134:120): pid=883 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=66:17:e0:61:05:ee:7f:75:93:e7:15:1e:16:cb:52:55 direction=? spid=883 suid=0  exe="/usr/sbin/sshd" hostname=? addr=UNKNOWN terminal=? res=success'
type=SERVICE_STOP msg=audit(1378333146.138:121): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="sshd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'

# tail -f /var/log/messages
Sep  4 22:18:43 www systemd[1]: Stopping Login Service...
Sep  4 22:18:43 www systemd[1]: Starting Login Service...
Sep  4 22:18:44 www systemd[1]: Started Login Service.
Sep  4 22:18:44 www systemd-logind[867]: Watching system buttons on /dev/input/event0 (Power Button)
Sep  4 22:18:44 www systemd-logind[867]: New seat seat0.
Sep  4 22:18:44 www systemd-logind[867]: New session 1 of user root.
Sep  4 22:19:06 www systemd[1]: Starting OpenSSH server daemon...
Sep  4 22:19:06 www systemd[1]: Started OpenSSH server daemon.
Sep  4 22:19:06 www systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Sep  4 22:19:06 www systemd[1]: Unit sshd.service entered failed state.

# tail -f /var/log/maillog
Sep  4 17:03:06 www postfix/qmgr[1579]: E212A402E0: removed
Sep  4 17:03:06 www postfix/qmgr[1579]: E428040309: removed
Sep  4 17:03:06 www postfix/qmgr[1579]: 095514030B: removed
Sep  4 21:35:05 www postfix/postfix-script[479]: starting the Postfix mail system
Sep  4 21:35:05 www postfix/master[481]: daemon started -- version 2.10.1, configuration /etc/postfix
[No record of mail sent]

Expected results:

Email sent to james.withers, and a record in /var/log/maillog confirming this.
 
I followed the tutorial here: http://major.io/2011/09/15/receive-e-mail-reports-for-selinux-avc-denials/.

Comment 1 Daniel Walsh 2013-09-05 15:32:00 UTC
Any messages in /var/log/messages?  Any denials of setroubleshootd?

Also is setroubleshootd running?  Kill it and see if the messages start.

Comment 2 James Withers (Audere Commerce) 2013-09-10 00:07:55 UTC
Rebooted machine, setroubleshoot detected; got:

Sep  9 23:53:29 www systemd[1]: Stopping OpenSSH server daemon...
Sep  9 23:53:29 www systemd[1]: Starting OpenSSH server daemon...
Sep  9 23:53:29 www systemd[1]: Started OpenSSH server daemon.
Sep  9 23:53:29 www systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Sep  9 23:53:29 www systemd[1]: Unit sshd.service entered failed state.
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus-daemon[187]: Traceback (most recent call last):
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/sbin/setroubleshootd", line 98, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: from setroubleshoot.server import RunFaultServer
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/lib64/python2.7/site-packages/setroubleshoot/server.py", line 30, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: import gobject
Sep  9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus-daemon[187]: Traceback (most recent call last):
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/sbin/setroubleshootd", line 98, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: from setroubleshoot.server import RunFaultServer
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/lib64/python2.7/site-packages/setroubleshoot/server.py", line 30, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: import gobject
Sep  9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1

Looks like it's missing the dependency on pygobject2 if you install on a headless machine (yum install setroubleshoot-server) as I did (yum install setroubleshoot will give pygobject3 as a dependency to be installed).
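
A health check for the failure mode diagnosed in Comment 2, added here as an example (it is not part of the original report and not setroubleshoot's own code): it pairs AVC denials from audit.log with failed D-Bus activations of setroubleshootd from /var/log/messages, so denials that never produced an alert become visible. The sample log text is constructed from the lines quoted in this report, and the function names are this example's own.

```python
import re

# Constructed sample input, modelled on the audit.log and messages lines in this report.
AUDIT_LOG = """\
type=SERVICE_START msg=audit(1378333146.109:116): pid=1 uid=0 msg=' comm="sshd" res=success'
type=AVC msg=audit(1378333146.127:117): avc:  denied  { name_bind } for  pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1378333146.131:118): avc:  denied  { name_bind } for  pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
"""
SYSLOG = """\
Sep  9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
"""

AVC_RE = re.compile(
    r'type=AVC msg=audit\((?P<ts>[\d.]+):(?P<serial>\d+)\): avc:\s+denied\s+'
    r'\{ (?P<perms>[^}]+) \} for\s+(?P<fields>.*)')
# dbus-daemon echoes each dbus[...] line; anchoring on the dbus tag counts a failure once.
FAIL_RE = re.compile(
    r"^\w{3}\s+\d+ [\d:]+ \S+ dbus\[\d+\]: \[system\] Activated service "
    r"'org\.fedoraproject\.Setroubleshootd' failed")
IMPORT_RE = re.compile(r'ImportError: No module named (\S+)')

def parse_avc(line):
    """Return the fields of one AVC denial record, or None for any other line."""
    m = AVC_RE.search(line)
    if not m:
        return None
    kv = dict(f.split('=', 1) for f in m.group('fields').split() if '=' in f)
    return {
        'serial': int(m.group('serial')),
        'perms': m.group('perms').split(),
        'comm': kv.get('comm', '').strip('"'),
        'port': kv.get('src'),
        'source_type': kv.get('scontext', '::').split(':')[2],
        'target_type': kv.get('tcontext', '::').split(':')[2],
        'tclass': kv.get('tclass'),
    }

def alert_pipeline_report(audit_text, syslog_text):
    """Pair logged denials with evidence that the alerting daemon failed to start."""
    denials = [d for d in map(parse_avc, audit_text.splitlines()) if d]
    lines = syslog_text.splitlines()
    failures = sum(1 for l in lines if FAIL_RE.match(l))
    missing = sorted({m.group(1).strip("'") for m in map(IMPORT_RE.search, lines) if m})
    # 'silent': denials were logged while the daemon that mails alerts could not start.
    return {'denials': denials, 'activation_failures': failures,
            'missing_modules': missing, 'silent': bool(denials) and failures > 0}
```

On a live host the two arguments would be the contents of /var/log/audit/audit.log and /var/log/messages, which normally requires root to read.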

Comment 3 Miroslav Grepl 2013-09-10 10:54:28 UTC
What does

# rpm -q --requires setroubleshoot

Comment 4 James Withers (Audere Commerce) 2013-09-10 12:38:38 UTC
This is headless, setroubleshoot (with GUI) is a different product:

[root@www ~]# rpm -q --requires setroubleshoot-server
/bin/sh
/bin/sh
/bin/sh
/sbin/service
/sbin/service
/usr/bin/python
audit >= 1.2.6-3
audit-libs-python >= 1.2.6-3
config(setroubleshoot-server) = 3.2.10-1.fc19
libauparse.so.0()(64bit)
libc.so.6()(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libc.so.6(GLIBC_2.4)(64bit)
libcap-ng.so.0()(64bit)
libdbus-1.so.3()(64bit)
libpthread.so.0()(64bit)
libpython2.7.so.1.0()(64bit)
libselinux-python >= 2.1.5-1
libselinux.so.1()(64bit)
libxml2-python
policycoreutils-python
python(abi) = 2.7
python-slip-dbus
rpm-python
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PartialHardlinkSets) <= 4.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
setroubleshoot-plugins >= 3.0.14
systemd-python
rpmlib(PayloadIsXz) <= 5.2-1

Missing pygobject2 (unless it's hidden in one of the others)?

Comment 5 Daniel Walsh 2013-09-10 15:00:50 UTC
Fixed in setroubleshoot-3.2.10-2.fc19

Moved the Requires block down to the -server package.

Comment 6 Fedora Update System 2013-09-10 15:09:31 UTC
setroubleshoot-3.2.10-2.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/setroubleshoot-3.2.10-2.fc19

Comment 7 Daniel Walsh 2013-09-10 15:10:38 UTC
*** Bug 1006362 has been marked as a duplicate of this bug. ***

Comment 8 Fedora Update System 2013-09-11 02:02:14 UTC
Package setroubleshoot-3.2.10-2.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing setroubleshoot-3.2.10-2.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-16364/setroubleshoot-3.2.10-2.fc19
then log in and leave karma (feedback).

Comment 9 Fedora Update System 2013-09-12 01:58:19 UTC
setroubleshoot-3.2.10-2.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.