Description of problem: Unable to get alert details via sealert. Version-Release number of selected component (if applicable): Name : setroubleshoot-server Arch : x86_64 Epoch : 0 Version : 3.3.5 Release : 3.fc24 Size : 1.6 M Repo : @System From repo : fedora How reproducible: Always Steps to Reproduce: 1. Cause an avc denial that setroubleshoot picks up on 2. Run with id from journal, e.g. sealert -l 20b23739-fbb4-41f8-b6bc-1efe6b07a4cc Actual results: output: failed to connect to server: No such file or directory Journal entry: /bin/sealert[22726]: attempt to open server connection failed: No such file or directory Expected results: Solution details. Additional info: System updated to latest fedora+updates, no testing packages setenforce 0 doesn't affect the result/failure
I can't it reproduce it here. There's probably a problem with setroubleshootd. Did you change seroubleshoot.conf? Can you see something suspicious in journal?
Created attachment 1163224 [details] sealert -l strace output, grepped for ENOENT Sadly there is no extra helpful info in the journal. It is still happening to me on Fedora 24: Name : setroubleshoot-server Arch : x86_64 Epoch : 0 Version : 3.3.8 Release : 0.3.fc24 Size : 1.6 M Repo : @System From repo : plautrba-setroubleshoot Summary : SELinux troubleshoot server URL : https://fedorahosted.org/setroubleshoot License : GPLv2+ Description : Provides tools to help diagnose SELinux problems. When AVC messages : are generated an alert can be generated that will give information : about the problem and help track its resolution. Alerts can be configured : to user preference. The same tools can be run on existing log files. Name : setroubleshoot-plugins Arch : noarch Epoch : 0 Version : 3.3.4 Release : 1.fc24 Size : 3.6 M Repo : @System From repo : plautrba-setroubleshoot Summary : Analysis plugins for use with setroubleshoot URL : https://github.com/fedora-selinux/setroubleshoot License : GPLv2+ Description : This package provides a set of analysis plugins for use with : setroubleshoot. Each plugin has the capacity to analyze SELinux AVC : data and system data to provide user friendly reports describing how : to interpret SELinux AVC denials.
Installing the setroubleshoot package helped. Maybe there is some dependency issue, where setroubleshoot-server relies on the directory /var/run/setroubleshoot to be present.
strace really helped, thanks! http://pkgs.fedoraproject.org/cgit/rpms/setroubleshoot.git/commit/?id=288066f917ebc344fb65e7ebb5ab9e198a75681f
setroubleshoot-3.3.8-1.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-68f69f600e
setroubleshoot-3.3.8-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-927d275831
setroubleshoot-3.3.8.1-1.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-68f69f600e
setroubleshoot-3.3.8.1-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-927d275831
setroubleshoot-3.3.8.1-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Glad to see this fixed. Workaround for this is: $ sudo yum install setroubleshoot $ reboot The workaround installs lots of X11 stuff.
*** Bug 1234313 has been marked as a duplicate of this bug. ***
setroubleshoot-3.3.8.1-1.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.