Bug 480432
| Summary: | setroubleshootd killed - apparently by selinux | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Michal Jaegermann <michal> | ||||
| Component: | setroubleshoot | Assignee: | Daniel Walsh <dwalsh> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | low | ||||||
| Version: | 10 | CC: | dwalsh, jdennis, mgrepl | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2009-01-19 20:42:27 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
Are you running an ext4 file system? If so you need to update to the latest kernel. There is a bug in the kernel that causes lots of confined domains to get spurious sys_resource avc messages, Any avc messages about setroubleshoot cause it to exit to prevent infinite loops. Please update to the latest kernel. > Are you running an ext4 file system? Yes, indeed, I do on that particular machine. > If so you need to update to the latest kernel. But it is already running the latest kernel from the current updates, i.e 2.6.27.9-159.fc10. Or you mean something from updates-testing? Or from koji? Is there some known minimum which is required? 2.5.27.10-168 and later according to the changelog. 2.6.27.10-168 I mean. |
Created attachment 329273 [details] a file found in /var/log/setroubleshoot/ Description of problem: On a freshly installed "from scratch" F10 system setroubleshootd dies in what it looks like at random. Traces show up in "bad" moments, like a shutdown sequence or during a boot (where they will be wiped out before there will be a chance to look at those) but I managed to get the following one: Traceback (most recent call last): File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 350, in auto_save_callback self.save() File "/usr/lib/python2.5/site-packages/setroubleshoot/analyze.py", line 327, in save self.sigs.write_xml('sigs', self.filepath) File "/usr/lib/python2.5/site-packages/setroubleshoot/xml_serialize.py", line 308, in write_xml f.write(self.get_xml_text_doc(obj_name)) KeyboardInterrupt No idea how complete that may be. Nothing of that sort in logs anywhere. At this moment 'service setroubleshoot status' responds with: setroubleshootd dead but pid file exists That happened already a number of times on a machine installed yesterday afternoon. Everything I found in /var/log/setroubleshoot/setroubleshootd.log is attached. What is even more disconcerting is that selinux has constant complaints about wpa_supplicant, NetworkManager, console-kit-daemon, pm-powersave, gdm-session-worker, dbus-daemon, sendmail. Rebooting after 'touch /.autorelabel' did not help. 'rpm -V ...' on various related packages is always silent. Version-Release number of selected component (if applicable): setroubleshoot-2.0.12-3.fc10 selinux-policy-3.5.13-38.fc10 selinux-policy-targeted-3.5.13-38 Additional information: The machine on which this happens is eeepc 1002HA netbook.