Description of problem: setroubleshoot-server is not sending e-mails, despite /var/lib/setroubleshoot/email_alert_recipients containing "jamesw.withers", and postfix working (verified using sendmail command). Version-Release number of selected component (if applicable): setroubleshoot-server-3.2.10-1.fc19.x86_64 How reproducible: Every time Steps to Reproduce: 1. Generate SELinux Denial by setting Port 222 in /etc/ssh/sshd_config and restarting sshd. Actual results: # tail -f /var/log/audit/audit.log type=SERVICE_STOP msg=audit(1378333123.989:114): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-logind" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=SERVICE_START msg=audit(1378333124.000:115): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="systemd-logind" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=SERVICE_START msg=audit(1378333146.109:116): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="sshd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success' type=AVC msg=audit(1378333146.127:117): avc: denied { name_bind } for pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1378333146.127:117): arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7f6ce09081b0 a2=10 a3=7fffed8b7ed0 items=0 ppid=1 pid=883 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null) type=AVC msg=audit(1378333146.131:118): avc: denied { name_bind } for pid=883 comm="sshd" src=222 scontext=system_u:system_r:sshd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:reserved_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1378333146.131:118): arch=c000003e syscall=49 success=no exit=-13 a0=3 a1=7f6ce0908150 a2=1c a3=7fffed8b7e54 items=0 ppid=1 pid=883 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 ses=4294967295 tty=(none) comm="sshd" exe="/usr/sbin/sshd" subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 key=(null) type=CRYPTO_KEY_USER msg=audit(1378333146.134:119): pid=883 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=58:b0:73:c8:e7:70:dc:97:04:5a:e7:e7:49:db:fa:60 direction=? spid=883 suid=0 exe="/usr/sbin/sshd" hostname=? addr=UNKNOWN terminal=? res=success' type=CRYPTO_KEY_USER msg=audit(1378333146.134:120): pid=883 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:sshd_t:s0-s0:c0.c1023 msg='op=destroy kind=server fp=66:17:e0:61:05:ee:7f:75:93:e7:15:1e:16:cb:52:55 direction=? spid=883 suid=0 exe="/usr/sbin/sshd" hostname=? addr=UNKNOWN terminal=? res=success' type=SERVICE_STOP msg=audit(1378333146.138:121): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0 msg=' comm="sshd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=failed' # tail -f /var/log/messages Sep 4 22:18:43 www systemd[1]: Stopping Login Service... Sep 4 22:18:43 www systemd[1]: Starting Login Service... Sep 4 22:18:44 www systemd[1]: Started Login Service. Sep 4 22:18:44 www systemd-logind[867]: Watching system buttons on /dev/input/event0 (Power Button) Sep 4 22:18:44 www systemd-logind[867]: New seat seat0. Sep 4 22:18:44 www systemd-logind[867]: New session 1 of user root. Sep 4 22:19:06 www systemd[1]: Starting OpenSSH server daemon... Sep 4 22:19:06 www systemd[1]: Started OpenSSH server daemon. Sep 4 22:19:06 www systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a Sep 4 22:19:06 www systemd[1]: Unit sshd.service entered failed state. # tail -f /var/log/maillog Sep 4 17:03:06 www postfix/qmgr[1579]: E212A402E0: removed Sep 4 17:03:06 www postfix/qmgr[1579]: E428040309: removed Sep 4 17:03:06 www postfix/qmgr[1579]: 095514030B: removed Sep 4 21:35:05 www postfix/postfix-script[479]: starting the Postfix mail system Sep 4 21:35:05 www postfix/master[481]: daemon started -- version 2.10.1, configuration /etc/postfix [No record of mail sent] Expected results: Email sent to james.withers, and a record in /var/log/maillog confirming this. I followed the tutorial here: http://major.io/2011/09/15/receive-e-mail-reports-for-selinux-avc-denials/.
Any messages in /var/log/messages? Any denials of setroubleshootd? Also is setroubleshootd running? Kill it and see if the messages start.
Rebooted machine, setroubleshoot detected; got: Sep 9 23:53:29 www systemd[1]: Stopping OpenSSH server daemon... Sep 9 23:53:29 www systemd[1]: Starting OpenSSH server daemon... Sep 9 23:53:29 www systemd[1]: Started OpenSSH server daemon. Sep 9 23:53:29 www systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a Sep 9 23:53:29 www systemd[1]: Unit sshd.service entered failed state. Sep 9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper) Sep 9 23:53:29 www dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper) Sep 9 23:53:29 www dbus-daemon[187]: Traceback (most recent call last): Sep 9 23:53:29 www dbus-daemon[187]: File "/usr/sbin/setroubleshootd", line 98, in <module> Sep 9 23:53:29 www dbus-daemon[187]: from setroubleshoot.server import RunFaultServer Sep 9 23:53:29 www dbus-daemon[187]: File "/usr/lib64/python2.7/site-packages/setroubleshoot/server.py", line 30, in <module> Sep 9 23:53:29 www dbus-daemon[187]: import gobject Sep 9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject Sep 9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1 Sep 9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1 Sep 9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper) Sep 9 23:53:29 www dbus[187]: [system] Activating service name='org.fedoraproject.Setroubleshootd' (using servicehelper) Sep 9 23:53:29 www dbus-daemon[187]: Traceback (most recent call last): Sep 9 23:53:29 www dbus-daemon[187]: File "/usr/sbin/setroubleshootd", line 98, in <module> Sep 9 23:53:29 www dbus-daemon[187]: from setroubleshoot.server import RunFaultServer Sep 9 23:53:29 www dbus-daemon[187]: File "/usr/lib64/python2.7/site-packages/setroubleshoot/server.py", line 30, in <module> Sep 9 23:53:29 www dbus-daemon[187]: import gobject Sep 9 23:53:29 www dbus-daemon[187]: ImportError: No module named gobject Sep 9 23:53:29 www dbus-daemon[187]: dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1 Sep 9 23:53:29 www dbus[187]: [system] Activated service 'org.fedoraproject.Setroubleshootd' failed: Launch helper exited with unknown return code 1 Looks like it's missing the dependency on pygobject2 if you install on a headless machine (yum install setroubleshoot-server) as I did (yum install setroubleshoot will give pygobject3 as a dependency to be installed).
What does # rpm -q --requires setroubleshoot
This is headless, setroubleshoot (with GUI) is a different product: [root@www ~]# rpm -q --requires setroubleshoot-server /bin/sh /bin/sh /bin/sh /sbin/service /sbin/service /usr/bin/python audit >= 1.2.6-3 audit-libs-python >= 1.2.6-3 config(setroubleshoot-server) = 3.2.10-1.fc19 libauparse.so.0()(64bit) libc.so.6()(64bit) libc.so.6(GLIBC_2.2.5)(64bit) libc.so.6(GLIBC_2.3.4)(64bit) libc.so.6(GLIBC_2.4)(64bit) libcap-ng.so.0()(64bit) libdbus-1.so.3()(64bit) libpthread.so.0()(64bit) libpython2.7.so.1.0()(64bit) libselinux-python >= 2.1.5-1 libselinux.so.1()(64bit) libxml2-python policycoreutils-python python(abi) = 2.7 python-slip-dbus rpm-python rpmlib(CompressedFileNames) <= 3.0.4-1 rpmlib(FileDigests) <= 4.6.0-1 rpmlib(PartialHardlinkSets) <= 4.0.4-1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 rtld(GNU_HASH) setroubleshoot-plugins >= 3.0.14 systemd-python rpmlib(PayloadIsXz) <= 5.2-1 Missing pygobject2 (unless it's hidden in one of the others)?
FIxed in setroubleshoot-3.2.10-2.fc19 Moved the Requires block down to the -server package.
setroubleshoot-3.2.10-2.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/setroubleshoot-3.2.10-2.fc19
*** Bug 1006362 has been marked as a duplicate of this bug. ***
Package setroubleshoot-3.2.10-2.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing setroubleshoot-3.2.10-2.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-16364/setroubleshoot-3.2.10-2.fc19 then log in and leave karma (feedback).
setroubleshoot-3.2.10-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.