Bug 1004553 - setroubleshoot not sending email
setroubleshoot not sending email
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: setroubleshoot (Show other bugs)
19
x86_64 Linux
unspecified Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
: 1006362 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-09-04 18:32 EDT by James Withers (Audere Commerce)
Modified: 2013-09-11 21:58 EDT (History)
4 users (show)

See Also:
Fixed In Version: setroubleshoot-3.2.10-2.fc19
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-09-11 21:58:19 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James Withers (Audere Commerce) 2013-09-04 18:32:20 EDT
Description of problem: setroubleshoot-server is not sending e-mails, despite /var/lib/setroubleshoot/email_alert_recipients containing "jamesw.withers@auderecommerce.com", and postfix working (verified using sendmail command).


Version-Release number of selected component (if applicable): setroubleshoot-server-3.2.10-1.fc19.x86_64


How reproducible: Every time


Steps to Reproduce:
1. Generate SELinux Denial by setting Port 222 in /etc/ssh/sshd_config and restarting sshd.

Actual results:

# tail -f /var/log/audit/audit.log
type=SERVICE_STOP msg=audit(1378333123.989:114): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-logind" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1378333124.000:115): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-logind" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=SERVICE_START msg=audit(1378333146.109:116): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="sshd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
type=AVC msg=audit(1378333146.127:117): avc:  denied  { name_bind } for  pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1378333146.127:117): arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7f6ce09081b0 a2=10 a3=7fffed8b7ed0 items=0 ppid=1 pid=883 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1378333146.131:118): avc:  denied  { name_bind } for  pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket
type=SYSCALL msg=audit(1378333146.131:118): arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7f6ce0908150 a2=1c a3=7fffed8b7e54 items=0 ppid=1 pid=883 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null)
type=CRYPTO_KEY_USER msg=audit(1378333146.134:119): pid=883 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=58:b0:73:c8:e7:70:dc:97:04:5a:e7:e7:49:db:fa:60 direction=? spid=883 suid=0  exe="/usr/sbin/sshd" hostname=? addr=UNKNOWN terminal=? res=success'
type=CRYPTO_KEY_USER msg=audit(1378333146.134:120): pid=883 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=66:17:e0:61:05:ee:7f:75:93:e7:15:1e:16:cb:52:55 direction=? spid=883 suid=0  exe="/usr/sbin/sshd" hostname=? addr=UNKNOWN terminal=? res=success'
type=SERVICE_STOP msg=audit(1378333146.138:121): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="sshd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed'

# tail -f /var/log/messages
Sep  4 22:18:43 www systemd[1]: Stopping Login Service...
Sep  4 22:18:43 www systemd[1]: Starting Login Service...
Sep  4 22:18:44 www systemd[1]: Started Login Service.
Sep  4 22:18:44 www systemd-logind[867]: Watching system buttons on /dev/input/event0 (Power Button)
Sep  4 22:18:44 www systemd-logind[867]: New seat seat0.
Sep  4 22:18:44 www systemd-logind[867]: New session 1 of user root.
Sep  4 22:19:06 www systemd[1]: Starting OpenSSH server daemon...
Sep  4 22:19:06 www systemd[1]: Started OpenSSH server daemon.
Sep  4 22:19:06 www systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Sep  4 22:19:06 www systemd[1]: Unit sshd.service entered failed state.

# tail -f /var/log/maillog
Sep  4 17:03:06 www postfix/qmgr[1579]: E212A402E0: removed
Sep  4 17:03:06 www postfix/qmgr[1579]: E428040309: removed
Sep  4 17:03:06 www postfix/qmgr[1579]: 095514030B: removed
Sep  4 21:35:05 www postfix/postfix-script[479]: starting the Postfix mail system
Sep  4 21:35:05 www postfix/master[481]: daemon started -- version 2.10.1, configuration /etc/postfix
[No record of mail sent]

Expected results:

Email sent to james.withers@auderecommerce.com, and a record in /var/log/maillog confirming this.
 
I followed the tutorial here: http://major.io/2011/09/15/receive-e-mail-reports-for-selinux-avc-denials/.
Comment 1 Daniel Walsh 2013-09-05 11:32:00 EDT
Any messages in /var/log/messages?  Any denials of setroubleshootd?

Also is setroubleshootd running?  Kill it and see if the messages start.
Comment 2 James Withers (Audere Commerce) 2013-09-09 20:07:55 EDT
Rebooted machine, setroubleshoot detected; got:

Sep  9 23:53:29 www systemd[1]: Stopping OpenSSH server daemon...
Sep  9 23:53:29 www systemd[1]: Starting OpenSSH server daemon...
Sep  9 23:53:29 www systemd[1]: Started OpenSSH server daemon.
Sep  9 23:53:29 www systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Sep  9 23:53:29 www systemd[1]: Unit sshd.service entered failed state.
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus-daemon[187]: Traceback (most recent call last):
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/sbin/setroubleshootd", line 98, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: from setroubleshoot.server import RunFaultServer
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/lib64/python2.7/site-packages/setroubleshoot/server.py", line 30, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: import gobject
Sep  9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper)
Sep  9 23:53:29 www dbus-daemon[187]: Traceback (most recent call last):
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/sbin/setroubleshootd", line 98, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: from setroubleshoot.server import RunFaultServer
Sep  9 23:53:29 www dbus-daemon[187]: File "/usr/lib64/python2.7/site-packages/setroubleshoot/server.py", line 30, in <module>
Sep  9 23:53:29 www dbus-daemon[187]: import gobject
Sep  9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject
Sep  9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1
Sep  9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1

Looks like it's missing the dependency on pygobject2 if you install on a headless machine (yum install setroubleshoot-server) as I did (yum install setroubleshoot will give pygobject3 as a dependency to be installed).
Comment 3 Miroslav Grepl 2013-09-10 06:54:28 EDT
What does

# rpm -q --requires setroubleshoot
Comment 4 James Withers (Audere Commerce) 2013-09-10 08:38:38 EDT
This is headless, setroubleshoot (with GUI) is a different product:

[root@www ~]# rpm -q --requires setroubleshoot-server
/bin/sh
/bin/sh
/bin/sh
/sbin/service
/sbin/service
/usr/bin/python
audit >= 1.2.6-3
audit-libs-python >= 1.2.6-3
config(setroubleshoot-server) = 3.2.10-1.fc19
libauparse.so.0()(64bit)
libc.so.6()(64bit)
libc.so.6(GLIBC_2.2.5)(64bit)
libc.so.6(GLIBC_2.3.4)(64bit)
libc.so.6(GLIBC_2.4)(64bit)
libcap-ng.so.0()(64bit)
libdbus-1.so.3()(64bit)
libpthread.so.0()(64bit)
libpython2.7.so.1.0()(64bit)
libselinux-python >= 2.1.5-1
libselinux.so.1()(64bit)
libxml2-python
policycoreutils-python
python(abi) = 2.7
python-slip-dbus
rpm-python
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(FileDigests) <= 4.6.0-1
rpmlib(PartialHardlinkSets) <= 4.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
rtld(GNU_HASH)
setroubleshoot-plugins >= 3.0.14
systemd-python
rpmlib(PayloadIsXz) <= 5.2-1

Missing pygobject2 (unless it's hidden in one of the others)?
Comment 5 Daniel Walsh 2013-09-10 11:00:50 EDT
FIxed in setroubleshoot-3.2.10-2.fc19 

Moved the Requires block down to the -server package.
Comment 6 Fedora Update System 2013-09-10 11:09:31 EDT
setroubleshoot-3.2.10-2.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/setroubleshoot-3.2.10-2.fc19
Comment 7 Daniel Walsh 2013-09-10 11:10:38 EDT
*** Bug 1006362 has been marked as a duplicate of this bug. ***
Comment 8 Fedora Update System 2013-09-10 22:02:14 EDT
Package setroubleshoot-3.2.10-2.fc19:
* should fix your issue,
* was pushed to the Fedora 19 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing setroubleshoot-3.2.10-2.fc19'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-16364/setroubleshoot-3.2.10-2.fc19
then log in and leave karma (feedback).
Comment 9 Fedora Update System 2013-09-11 21:58:19 EDT
setroubleshoot-3.2.10-2.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.