Bug 490300 - severe SELinux errors during shutdown [NEEDINFO]
severe SELinux errors during shutdown
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: setroubleshoot (Show other bugs)
10
All Linux
low Severity high
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 517000
  Show dependency treegraph
 
Reported: 2009-03-14 19:44 EDT by alauschke
Modified: 2009-12-18 04:01 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-12-18 04:01:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
dwalsh: needinfo? (jdennis)


Attachments (Terms of Use)

  None (edit)
Description alauschke 2009-03-14 19:44:53 EDT
Description of problem:
no clue where this comes from. During shutdown some problems with perl and SELinux.


Additional info:
As this was during shutdown I couldn't save it in a file, so I shot a picture with my digicam, see attached.

This stays for about ten seconds, and then quits.

This SELinux problem seems to be the origin of gconf and gconf-2 errors I get. Both of them started cropping up about a month ago at the same time. Several things in F9 don't give me access to them through Gnome and say that access has been denied (e. g. Evolution, DiskAnalyzer, Desktop sharing).

Sorry I cannot be more descriptive, but I really have no clue how this is generated.
Comment 1 Daniel Walsh 2009-03-16 11:00:50 EDT
You did not attach the photo.  You probaly can see the messages if you use dmesg.

dmesg | grep avc
Comment 2 alauschke 2009-03-16 12:48:56 EDT
I did. Is there a file size limit for uploads? My pictures from the digicam are big. How else can I provide the picture? Make smaller picture?
Comment 3 Daniel Walsh 2009-03-16 13:01:07 EDT
Do you have a site where you could put it and add a url link?
Comment 4 alauschke 2009-04-03 09:59:27 EDT
After upgrading to F10 the actual denial of access is gone. However, I still get:

www.lauschkeconsulting.com/SANY0090.JPG

And this one is a new popup during boot:
www.lauschkeconsulting.com/sany0047.jpg

I didn't have this with F9.

The two issues seem to be related somehow, I don't know how.

But, apart from these error messages, everything seems to work now on F10.
Comment 5 Daniel Walsh 2009-04-06 08:31:37 EDT
www.lauschkeconsulting.com/SANY0090.JPG
Not SElinux related

I am not sure what the second one is, but have you run a full yum update on the F10 system?
Comment 6 alauschke 2009-04-06 09:15:38 EDT
Obviously. Every morning.
Comment 7 Daniel Walsh 2009-04-06 09:28:04 EDT
I am not sure how your database got corrupted, Although we should probably allow for a better cleanuup.

If you want to get rid of this error, do the following as root

# service setroubleshoot stop
# echo > /var/lib/setroubleshoot/audit_listener_database.xml
# service setroubleshoot start
Comment 8 Daniel Walsh 2009-04-06 09:30:39 EDT
John, 

Currently the code raises an exception when this happens,  I want to just change it to a log, and return the first match.  That way the delete code will succeed and at least remove the first dup.  Otherwise the user has no way of cleaning up his database, which was probably corrupted by a bug in one of the previous versions of setroubleshoot.

What do you think?
Comment 9 alauschke 2009-04-10 11:49:27 EDT
Did not solve the problem (comment 7). Still same error-messages during shut-down.
Comment 10 alauschke 2009-04-10 11:54:28 EDT
Error message after submitting the 3rd step (service setroubleshoot start):

xml:2: parser error : Start tag expected, '<' not found

and then a ^ below that.
Comment 11 Daniel Walsh 2009-04-11 07:25:24 EDT
is /var/lib/setroubleshoot/audit_listener_database.xml

and empty file?

If not, make it one.

cat /dev/null > /var/lib/setroubleshoot/audit_listener_database.xml
Comment 13 Bug Zapper 2009-11-18 04:55:03 EST
This message is a reminder that Fedora 10 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 10.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '10'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 10's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 10 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 14 Bug Zapper 2009-12-18 04:01:28 EST
Fedora 10 changed to end-of-life (EOL) status on 2009-12-17. Fedora 10 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.

Note You need to log in before you can comment on or make changes to this bug.