Bug 268221

Summary: setroubleshoot opens but displays a blank window
Product: [Fedora] Fedora Reporter: Claude Jones <claude_jones>
Component: setroubleshootAssignee: John Dennis <jdennis>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: medium    
Version: 7   
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-31 00:23:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Claude Jones 2007-08-30 17:58:58 UTC
Description of problem:
This machine is a modern P4 with 2.8 GHz P4 and 1 GB ram. Was running FC6 and
was upgraded some time ago to F7. Since it was an upgrade, setroubleshoot was
not installed. Installed it from the Fedora repo and re-booted. Services says
it's running. Upon opening it, I just get a blank screen. Tried changing the
view to audit messages; tried loading two different log files (messages and
messages.1)- the message at the bottom says it's opening log file, but nothing
ever happens

Version-Release number of selected component (if applicable):

1.9.4

How reproducible:

happens every time I open it

Steps to Reproduce:
1. Start setroubleshoot
2.
3.
  
Actual results:

Setroubleshoot opens, all menus seem to function, but the windows are blank

Expected results:

expect to see a list of selinux security messages in one window, and proposed
resolutions in the other


Additional info:

Comment 1 John Dennis 2007-08-30 18:23:26 UTC
By any chance is your language set to something other than english? There is a
known bug with i18n string handling in the initial F7 version of setroubleshoot.

Also, please take a look in /var/log/setroubleshoot/setroubleshootd.log and see
if  there are error or traceback messages, if so please attach them.

Comment 2 Claude Jones 2007-08-30 18:45:52 UTC
(In reply to comment #1)
> By any chance is your language set to something other than english? There is a
> known bug with i18n string handling in the initial F7 version of setroubleshoot.
> 
> Also, please take a look in /var/log/setroubleshoot/setroubleshootd.log and see
> if  there are error or traceback messages, if so please attach them.

My language is set to English.

The log is pretty empty so here it is:
2007-08-30 13:14:50,777 [email.WARNING] cannot open file
/var/lib/setroubleshoot/email_alert_recipients, No such file or directory

I haven't configured any email recipients, so this is probably harmless.

Comment 3 John Dennis 2007-08-30 19:06:26 UTC
O.K. those are all fine.

You must also have the service setroubleshoot running, is it?

As root:

% service setroubleshoot status

if its not running then start it with

% service setroubleshoot start

You also may want to chkconfig the service to be on so it restarts at boot time.

Once the service is running you still won't see anything until an AVC occurs.


Comment 4 Claude Jones 2007-08-30 19:31:26 UTC
(In reply to comment #3)
> You must also have the service setroubleshoot running, is it?
> 
> As root:
> 
> % service setroubleshoot status
> 
> if its not running then start it with
> 
> % service setroubleshoot start
> 
> You also may want to chkconfig the service to be on so it restarts at boot time.
> 

That was one of the first things I checked. The Fedora rpm obviously sets it to
run as default because it was set that way in services. 

> Once the service is running you still won't see anything until an AVC occurs.
> 

I didn't realize there'd be nothing to see in the window till AVC alerts were
generated - maybe that's all there is to it. 


Comment 5 John Dennis 2007-08-30 19:50:33 UTC
I suspect you're last comment is correct. You won't see anything until there is
something to see :-) The tool does not go backwards in time by searching for
AVC's in old log files, it works by listening to the audit system waiting for an
AVC to occur. Once it does you should get a notification on the desktop.

However, if you do have a log file with AVC's in it you should be able to open
the log file in the browser, but unless the log file has AVC's the browser will
still be blank.

Comment 6 Claude Jones 2007-08-30 20:11:15 UTC
(In reply to comment #5)
> However, if you do have a log file with AVC's in it you should be able to open
> the log file in the browser, but unless the log file has AVC's the browser will
> still be blank.

Checked my various logs and found this in my messages logfile by filtering on
"AVC" in my logviewer:

Aug 27 13:06:07 localhost dbus: Can't send to audit system: USER_AVC avc: 
received policyload notice (seqno=2) : exe="/bin/dbus-daemon" (sauid=500,
hostname=?, addr=?, terminal=?)

Is this SELinux?

Comment 7 John Dennis 2007-08-30 20:58:52 UTC
No, it's not SELinux, at least not directly. What is happening is that DBus is
trying to inject a message into the audit system but is failing because DBus
does not have permission to write audit messages. This has been a long standing
bug that to the best of my knowledge is innocuous. I do not know what DBus is
trying to report, but John Palmieri (johnp) probably could tell you.

If you no longer believe setroubleshoot is failing would you please close this
bug. Thanks.