Description of problem: There are some errors (possible errors ?) at boot and shutdown times. Tested on F16 RC4 live-cd LXDE installed to hd. Version-Release number of selected component (if applicable): policycoreutils-2.1.4-3.fc16.i686 setroubleshoot-server-3.0.38-3.fc16.i686 How reproducible: Run F16 Rc4. Steps to Reproduce: 1. boot 2. shutdown 3. Actual results: During boot-up: ... [ 17.701301] sandbox[868]: Starting sandbox/etc/rc.d/init.d/sandbox: line 58: success: command not found [ 17.702168] sandbox[868]: /etc/rc.d/init.d/sandbox: line 58: failure: command not found ... During shutdown: [ 288.157951] sedispatch[826]: sedispatch is exiting on stop request ... [ 288.219286] audispd[824]: plugin /usr/sbin/sedispatch terminated unexpectedly [ 288.219373] audispd[824]: plugin /usr/sbin/sedispatch was restarted [ 288.221371] sedispatch[1528]: sedispatch is exiting on stdin EOF ... [ 288.433226] sandbox[1568]: Stopping sandbox/etc/rc.d/init.d/sandbox: line 63: success: command not found [ 288.433989] sandbox[1568]: /etc/rc.d/init.d/sandbox: line 63: failure: command not found ... Expected results: no errors ? Additional info: These lines during shutdown where sedispatch is stopped, but then restarted again, and then exited again ... Is everything OK here ?
Created attachment 531637 [details] dmesg output
The sandbox command has been fixed in policycoreutils-2.1.4-7.fc16 Not sure whether the other lines are errors. sedispatch is announcing that it has been sent a kill signal,I would guess. The auditdispd sends it a restart message. I would guess the audispd did not get the die signal yet.
[ 288.157951] sedispatch[826]: sedispatch is exiting on stop request [ 288.219286] audispd[824]: plugin /usr/sbin/sedispatch terminated unexpectedly [ 288.219373] audispd[824]: plugin /usr/sbin/sedispatch was restarted [ 288.221371] sedispatch[1528]: sedispatch is exiting on stdin EOF Steve it seems we have a bit of problem on shutdown. where sedispatch gets told to shutdown and then audispd starts it back up.
Audispd manages its plugins. So, something else should not be telling sedispatch to shutdown and then there is no problem. :)
Created attachment 531821 [details] shutdown log with systemd debugging info Some more info. Search for sedispatch and audispd. We are debugging systemd on dev list and somebody from systemd team (probably Michal Schmidt) will comment on it too. JB
Basically this message sedispatch is exiting on stop request Will only happen if sedispatch is hit with a SIGHUP or SIGTERM. I just updated the package to not put out a syslog message if this happens. Maybe it should just ignore the SIGHUP. Is systemd sending all processes a SIGHUP? or a SIGTERM? Before auditd tells my process to shutdown. The second message is the message that sedispatch puts out if audispd shuts it down, by closing the stdin.
Systemd should not be sending a SIGHUP. To daemons, that means go re-read your configuration file. So, if your program has a configuration file, you have to handle SIGHUP by re-reading the file and re-adjusting parameters. As for SIGTERM, you have to obey that. If audispd sends you one, you need to cleanup and exit. I made a patch to the audit system that should help somewhat: https://fedorahosted.org/audit/changeset/603 But this also assumes that only audispd is managing its plugins.
New release should be available soon.
audit-2.2-1.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/audit-2.2-1.fc17
Package audit-2.2-1.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing audit-2.2-1.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-2908/audit-2.2-1.fc17 then log in and leave karma (feedback).
audit-2.2-1.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.