Bug 430194 - Service starts but then dies
Product: Fedora
Classification: Fedora
Component: setroubleshoot
Hardware: All Linux
Priority: low, Severity: low
Assigned To: John Dennis
QA Contact: Fedora Extras Quality Assurance
Depends On: 430195
Reported: 2008-01-24 23:18 EST by David Highley
Modified: 2008-01-30 10:24 EST
Last Closed: 2008-01-30 10:24:21 EST

Description David Highley 2008-01-24 23:18:46 EST
Description of problem:
The service will start but as soon as you try and view policy violations the
service dies or it may die on a violation.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
I believe this worked until a relabel was done of the /var/lib tree. Still will
not run in permissive mode.
Comment 1 John Dennis 2008-01-25 08:33:01 EST
Are there errors in /var/log/setroubleshoot/setroubleshootd.log or

Comment 2 David Highley 2008-01-25 23:40:37 EST
2008-01-24 19:35:19,686 [email.WARNING] cannot open file
/var/lib/setroubleshoot/email_alert_recipients, No such file or directory
2008-01-24 19:35:54,956 [program.ERROR] Can not handle AVC'S related to
dispatcher. exiting
setroubleshoot context=system_u:system_r:setroubleshootd_t:s0, AVC
Comment 3 John Dennis 2008-01-28 11:10:52 EST
This appears to be a labeling problem; I still need some more information to
diagnose it. Would you please open up /var/log/audit/audit.log (as root) and
search for AVC's related to setroubleshoot and copy the full text into this bug
report. Thank you.
Comment 4 David Highley 2008-01-28 23:28:06 EST
See bug 430195 where I attached a complete audit log file.
Comment 5 John Dennis 2008-01-29 09:00:14 EST
Re comment #4: this is a different issue. In bug 430195, binary data was
incorrectly inserted into a text buffer because the audit message was
incorrectly decoded. In this bug, setroubleshoot is exiting because it generated
an AVC, a recursive situation which must be broken out of by exiting the daemon.
Comment 6 David Highley 2008-01-29 09:55:35 EST
Looks like a labeling issue that I'm trying to figure out with Dan Walsh. It
appears that passwd file entries with a home directory in /var/lib are causing
other /var/lib locations to get labeled as home directories; 430195. See the
audit log entry below:
type=AVC msg=audit(1201582580.411:116): avc:  denied  { lock } for  pid=3704
comm="setroubleshootd" path="/var/lib/rpm/Packages" dev=dm-0 ino=26968074
tcontext=system_u:object_r:user_home_t:s0 tclass=file
Comment 7 David Highley 2008-01-30 10:24:21 EST
Changing a passwd file shell to /sbin/nologin and relabeling has fixed this issue.
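
The check that Comments 6 and 7 arrive at can be scripted. This is an added example, not part of the bug report or of setroubleshoot: it finds AVC denials on `user_home_*` targets outside the usual home roots, then lists passwd accounts with a login shell whose home directory shares a parent with the denied path. The passwd entries, the `appsvc` account, `HOME_ROOTS` and `NON_LOGIN_SHELLS` are assumptions made for illustration.

```python
import re

# Constructed sample input (AVC record as quoted in Comment 6; passwd entries invented).
SAMPLE_AUDIT = (
    'type=AVC msg=audit(1201582580.411:116): avc:  denied  { lock } for  pid=3704 '
    'comm="setroubleshootd" path="/var/lib/rpm/Packages" dev=dm-0 ino=26968074 '
    'tcontext=system_u:object_r:user_home_t:s0 tclass=file\n'
)
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "alice:x:500:500::/home/alice:/bin/bash\n"
    "appsvc:x:501:501::/var/lib/appsvc:/bin/bash\n"
    "rpm:x:37:37::/var/lib/rpm:/sbin/nologin\n"
)
NON_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}  # assumption
HOME_ROOTS = ("/home", "/root")  # assumption: where user_home_* labels are expected
AVC_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the fields of one AVC denial as a dict, or None for other records."""
    m = AVC_RE.search(line) if line.startswith("type=AVC") else None
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
    rec["perms"] = m.group(1).split()
    return rec

def mislabeled_denials(audit_text):
    """AVC denials on user_home_* targets whose path lies outside HOME_ROOTS."""
    hits = []
    for rec in filter(None, map(parse_avc, audit_text.splitlines())):
        ctx = rec.get("tcontext", "").split(":")
        path = rec.get("path", "")
        in_home = any(path == r or path.startswith(r + "/") for r in HOME_ROOTS)
        if len(ctx) > 2 and ctx[2].startswith("user_home") and path and not in_home:
            hits.append(rec)
    return hits

def suspect_accounts(passwd_text, denials):
    """Login-shell accounts whose home's parent directory contains a denied path."""
    names = []
    for f in (line.split(":") for line in passwd_text.splitlines()):
        if len(f) != 7 or f[6] in NON_LOGIN_SHELLS:
            continue
        parent = f[5].rstrip("/").rsplit("/", 1)[0]
        if parent and any(d["path"].startswith(parent + "/") for d in denials):
            names.append(f[0])
    return names
```

On a real system, pass the contents of /var/log/audit/audit.log and /etc/passwd (read as root) in place of the sample strings.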
