Bug 640472
| Summary: | setroubleshoot doesn't handle hex register values correctly | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | David Howells <dhowells> |
| Component: | setroubleshoot | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 13 | CC: | dwalsh, mgrepl |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | setroubleshoot-2.2.102-1.fc13 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2010-10-19 07:07:02 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Fixed in setroubleshoot-2.2.102-1.fc13 setroubleshoot-2.2.102-1.fc13 has been submitted as an update for Fedora 13. https://admin.fedoraproject.org/updates/setroubleshoot-2.2.102-1.fc13 setroubleshoot-2.2.102-1.fc13 has been pushed to the Fedora 13 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update setroubleshoot'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/setroubleshoot-2.2.102-1.fc13 setroubleshoot-2.2.102-1.fc13 has been pushed to the Fedora 13 stable repository. If problems still persist, please make note of it in this bug report. |
I'm seeing the following error in my /var/log/messages: Oct 5 23:10:50 galaxy setroubleshoot: [avc.ERROR] Plugin Exception selinuxpolicy #012Traceback (most recent call last):#012 File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 148, in analyze_avc#012 report = plugin.analyze(avc)#012 File "/usr/share/setroubleshoot/plugins/selinuxpolicy.py", line 47, in analyze#012 if (avc.has_any_access_in(['write']) or avc.open_with_write()) and \#012 File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line 631, in open_with_write#012 if self.a1 and (int(self.a1) & O_ACCMODE) != os.O_RDONLY:#012ValueError: invalid literal for int() with base 10: '1fa6ac0' Oct 5 23:10:50 galaxy setroubleshoot: [avc.ERROR] Plugin Exception kernel_modules #012Traceback (most recent call last):#012 File "/usr/lib64/python2.6/site-packages/setroubleshoot/analyze.py", line 148, in analyze_avc#012 report = plugin.analyze(avc)#012 File "/usr/share/setroubleshoot/plugins/kernel_modules.py", line 47, in analyze#012 if (avc.has_any_access_in(['write']) or avc.open_with_write()) and \#012 File "/usr/lib64/python2.6/site-packages/setroubleshoot/audit_data.py", line 631, in open_with_write#012 if self.a1 and (int(self.a1) & O_ACCMODE) != os.O_RDONLY:#012ValueError: invalid literal for int() with base 10: '1fa6ac0' The problem appears to be the following line of audit log. Note the contents of a0-a2: type=SYSCALL msg=audit(1286316644.383:312): arch=c000003e syscall=59 success=no exit=-13 a0=1fa6a60 a1=1fa6ac0 a2=1fa6c50 a3=10 items=0 ppid=6158 pid=6159 auid=4043 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=2 comm="service" exe="/bin/bash" subj=unconfined_u:system_r:openvpn_t:s0 key=(null) type=AVC msg=audit(1286316644.383:313): avc: denied { open } for pid=6159 comm="service" name="consoletype" dev=md1 ino=3801142 scontext=unconfined_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:consoletype_exec_t:s0 tclass=file The versions of various stuff that might be relevant: setroubleshoot-2.2.96-1.fc13.x86_64 setroubleshoot-plugins-2.1.61-1.fc13.noarch audit-2.0.4-3.fc13.x86_64 kernel-2.6.34.7-56.fc13.x86_64 selinux-policy-3.7.19-62.fc13.noarch policycoreutils-2.0.83-28.fc13.x86_64 python-2.6.4-27.fc13.x86_64