Displaying 20 results from an estimated 700 matches similar to: "SELinux and SETroubleshootd woes in CR"
2014 Nov 28
2
SEtroubleshootd Crashing
When running Node.js through Phusion Passenger on Centos 6.5 ( Linux 2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:51 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux), with SELinux enabled in permissive mode we receive a large number of entries in the audit.log and setroubleshootd randomly crashes with the following error, We have resolved the selinux alerts by following the troubleshooting steps
2014 Dec 01
2
SEtroubleshootd Crashing
Thanks
Could you please clarify, which version libxml is broken and has there been a newer version released that will fix it.
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Daniel J Walsh
Sent: 01 December 2014 14:58
To: CentOS mailing list
Subject: Re: [CentOS] SEtroubleshootd Crashing
This seems to be a problem with an updated
2014 Dec 01
2
SEtroubleshootd Crashing
We are currently running libxml2-2.7.6-14.el6_5.2.x86_64
How far back would you suggest we go? would libxml2-2.7.6-14.el6_5.1.x86_64 be sufficient
-----Original Message-----
From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of Daniel J Walsh
Sent: 01 December 2014 15:10
To: CentOS mailing list
Subject: Re: [CentOS] SEtroubleshootd Crashing
I am not sure. I was
2014 Dec 02
2
SEtroubleshootd Crashing
I'll jump in here to say we'll try your suggestion, but I guess what's not
been mentioned is that we get the setroubleshoot abrt's only a few times a
day, but we're getting 10000s of setroubleshoot messages in
/var/log/messages a day.
e.g.
Dec 2 10:03:55 server audispd: queue is full - dropping event
Dec 2 10:04:00 server audispd: last message repeated 199 times
Dec 2
2014 Dec 03
1
SEtroubleshootd Crashing
Indeed, thanks Dan - it doesn't get us to a completely clean running that
would allow us to run our Node app as we are under Passenger with SELinux
enforcing, but it at least has stopped the excessive amount of AVCs we were
getting.
John
On 3 December 2014 at 10:01, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Looks like turning on three booleans will solve most of the problem.
2014 Dec 03
2
SEtroubleshootd Crashing
Mark: Labels look OK, restorecon has nothing to do, and:
-rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps
dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
I'll send the audit log on to Dan.
Cheers,
John
On 2 December 2014 at 16:10, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Could you send me a copy of your audit.log.
>
> You should not be
2014 Dec 01
0
SEtroubleshootd Crashing
This seems to be a problem with an updated version of libxml.
On 11/28/2014 09:04 AM, Gary Smithson wrote:
> When running Node.js through Phusion Passenger on Centos 6.5 ( Linux 2.6.32-431.23.3.el6.x86_64 #1 SMP Thu Jul 31 17:20:51 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux), with SELinux enabled in permissive mode we receive a large number of entries in the audit.log and setroubleshootd randomly
2014 Dec 01
0
SEtroubleshootd Crashing
On 12/01/2014 10:39 AM, Gary Smithson wrote:
> We are currently running libxml2-2.7.6-14.el6_5.2.x86_64
>
> How far back would you suggest we go? would libxml2-2.7.6-14.el6_5.1.x86_64 be sufficient
Ok might not be related. One other suggestion would be to clear the
database out. And see if there
was something in the database that was causing it problems.
Make sure there is no
2014 Dec 01
0
SEtroubleshootd Crashing
I am not sure. I was just seeing email on this today. Could you try to
downgrade the latest version of libxml to see if the
problem goes away.
On 12/01/2014 10:01 AM, Gary Smithson wrote:
> Thanks
>
> Could you please clarify, which version libxml is broken and has there been a newer version released that will fix it.
>
> -----Original Message-----
> From: centos-bounces at
2014 Dec 02
0
SEtroubleshootd Crashing
Could you send me a copy of your audit.log.
You should not be getting hundreds of AVC's a day.
ausearch -m avc,user_avc -ts today
On 12/02/2014 05:08 AM, John Beranek wrote:
> I'll jump in here to say we'll try your suggestion, but I guess what's not
> been mentioned is that we get the setroubleshoot abrt's only a few times a
> day, but we're getting 10000s of
2014 Dec 03
0
SEtroubleshootd Crashing
Looks like turning on three booleans will solve most of the problem.
httpd_execmem, httpd_run_stickshift, allow_httpd_anon_write
On 12/03/2014 03:55 AM, John Beranek wrote:
> Mark: Labels look OK, restorecon has nothing to do, and:
>
> -rwxr-xr-x. root root system_u:object_r:bin_t:s0 /bin/ps
>
> dr-xr-xr-x. root root system_u:object_r:proc_t:s0 /proc
>
> I'll
2009 Mar 06
2
SELinux resource hog
Spinning off from the other thread about SELinux, I just tried to
re-enable SELinux on my personal server hosting just email and forum
for a small local community.
Average load for this Intel Core 2 Duo box with 2GB of ram (usually
with some 1GB free) was generally below 0.4 for the last 24hrs,
averaging 0.23 based on MRTG.
Once I did setenforce 1, load shot through the roof to fluctuate
between
2008 Jul 01
2
setroubleshoot
There is a setroubleshoot package that
runs under X, that really makes it a lot easier to troubleshoot
selinux, but I really don't want to run X on all my vms.
Does anyone here know of an equivalent that doesn't
require X?
--
Drew Einhorn
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
2013 Jun 06
1
selinux
Two issues: first, I've noticed a number of times that selinux is there,
which we usually have in permissive, but setroubleshoot is *not*
installed. Is there be some kind of dependency or group that it should be
part of that's missing? I don't see why I need to manually install it....
Second - and I thought I knew the answer to this, but guess I don't - I
see AVC's in the log
2007 Jul 27
1
setroubleshoot w/o X?
Hi,
I recently discovered setroubleshoot, a wonderful tool that helps
diagnose and resolve selinux problems, even if you really do not
understand selinux. I need to read up on selinux and get to where
I understand it much better.
I'm wondering if there is a text only version of setroubleshoot that
runs on a minimal server configuration without X installed?
--
Drew Einhorn
--------------
2007 May 03
2
Running SELinux necessary for the average user?
I'm wondering because it seems to be slowing my machine down considerably
under CentOS 5. Especially the daemon they include to monitor SELinux and
the program that attaches to it. I tried opening this earlier and it just
sat there spinning.
I want the knowledge that my machine is secure and safe. But I'm wondering
if the price is worth it. Is it necessary for my machine to be fairly
2008 Aug 08
0
Stopping setroubleshootd failed
This is probably a known issue, but just in case. On my Desktop, I am
running SELinux in Permissive mode. When I restart the system, or shut
it down, I notice this message:
"Stopping setroubleshootd failed". Notice at the end of the dmseg
output below, regarding SELinux, there are three (3) identical lines.
I don't know if that is normal or not.
[lanny at dell2400 ~]$ dmesg |more
2009 Jun 03
1
setrubleshootd dominating
Anyone have any idea as to why setroubleshootd would be dominating the
system:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2371 root 25 0 1884m 1.8g 4100 R 100.2 44.7 680:06.40
setroubleshootd
Frank M. Ramaekers Jr.
Systems Programmer MCP, MCP+I, MCSE & RHCE
American Income Life Insurance Co. Phone: (254)761-6649
1200 Wooded Acres Dr.
2016 Dec 28
4
Help with httpd userdir recovery
On 12/28/2016 03:32 PM, J Martin Rushton wrote:
>
> On 28/12/16 20:11, Robert Moskowitz wrote:
>>
>> On 12/28/2016 01:53 PM, m.roth at 5-cent.us wrote:
>>> Robert Moskowitz wrote:
>>>> On 12/28/2016 05:11 AM, Todor Petkov wrote:
>>>>> On Wed, Dec 28, 2016 at 5:18 AM, Robert Moskowitz <rgm at htt-consult.com>
>>>>> wrote:
2017 Sep 04
5
selinux denial of cgi script with httpd using ssl
Thanks for your help.
I did pick up an additional entry in the audit file :
type=AVC msg=audit(1504561395.709:10196): avc: denied { execute } for
pid=19163 comm="/usr/sbin/httpd" name="s.check.cgi" dev="dm-0"
ino=537182029 scontext=system_u:system_r:httpd_t:s0
tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file
Unfortunately, I am not sure how the