Hi,
I have been tracking an issue with regard to setroubleshootd for a month or so now, and am trying to work out why memory usage is so high.
I have followed this issue that was also discussed: http://www.redhat.com/archives/fedora-selinux-list/2007-September/msg00000.h tml
Top:
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
2253 root 15 0 585m 472m 3304 S 0 46.7 3:55.34 setroubleshootd
I use Webmin and this shows the following as 'Running Processes' :
2253 root 600020 kB /usr/bin/python -E /usr/sbin/setroubleshootd
Obviously this is extremely high memory usage for a process (I only have 1 GB of RAM installed!)
WC:
wc /var/lib/setroubleshoot/audit_listener_database.xml
1313352 4320305 66032275 /var/lib/setroubleshoot/audit_listener_database.xml
I have run audit2allow and pretty much cleared up the AVC denials that were appearing, but I am still receiving one or two from ClamAV
SELAERT:
sealert -a /var/log/audit/audit.log
100% done
found 2 alerts in /var/log/audit/audit.log
First Alert:
SELinux is preventing /usr/bin/clamdscan (clamscan_t) "write" access to
/var/webmin/sessiondb.pag (var_t).
Second Alert:
SELinux is preventing /usr/bin/clamdscan (clamscan_t) "connectto" access to
/tmp/clamd.socket (initrc_t).
Thanks for any assistance,
Regards,
Paul
--
Paul Lauria
Paul Lauria wrote:
Hi,
I have been tracking an issue with regard to setroubleshootd for a month or so now, and am trying to work out why memory usage is so high.
Please supply the setroubleshoot version. There have been many fixes over the last year, I wonder if you're using an old version.
setroubleshoot version: 1.8.11-4
-- Paul Lauria
-----Original Message----- From: John Dennis [mailto:jdennis@redhat.com] Sent: 21 May 2008 13:10 To: paul@pixellab.co.uk Cc: fedora-selinux-list@redhat.com Subject: Re: setroubleshootd high memory usage
Paul Lauria wrote:
Hi,
I have been tracking an issue with regard to setroubleshootd for a month or so now, and am trying to work out why memory usage is so high.
Please supply the setroubleshoot version. There have been many fixes over the last year, I wonder if you're using an old version.
Paul Lauria wrote:
setroubleshoot version: 1.8.11-4
You didn't say what OS you were running on, but I suggest you upgrade to the newer 2.x version.
Its EL5.
Where can I get the newer 2.x version?
Thanks,
Paul
-----Original Message----- From: John Dennis [mailto:jdennis@redhat.com] Sent: 21 May 2008 15:11 To: paul@pixellab.co.uk Cc: fedora-selinux-list@redhat.com Subject: Re: setroubleshootd high memory usage
Paul Lauria wrote:
setroubleshoot version: 1.8.11-4
You didn't say what OS you were running on, but I suggest you upgrade to the newer 2.x version.
Paul Lauria wrote:
Its EL5.
Where can I get the newer 2.x version?
For RHEL 5 you'll find it in the 5.2 update, which was recently released.
selinux@lists.fedoraproject.org