Hi, I am on Red Hat enterprise 5. setroubleshoot is exiting and I cannot run sealert. I see below messages in logs. Any help in this regard would be of great help.
Mar 22 11:17:52 myhost setroubleshoot: SELinux is preventing /usr/sbin/automount (automount_t) "search" access to /proc/142/cmdline (kernel_t). For complete SELinux messages. run sealert -l c7e49db5-9d5f-4ffb-afdc-82708db53ee4 Mar 22 11:17:53 myhost setroubleshoot: 2008-03-22 11:17:52,416 [program.ERROR] Can not handle AVC'S related to dispatcher. exiting setroubleshoot context=system_u:system_r:setroubleshootd_t:s0, AVC scontext=system_u:system_r:setroubleshootd_t:s0 Mar 22 11:17:52 myhost setroubleshoot: SELinux is preventing /usr/sbin/automount (automount_t) "search" access to /proc/145/cmdline (kernel_t). For complete SELinux messages. run sealert -l 89399382-a3bf-4efd-9bfa-51ebdc28217d Mar 22 11:17:53 myhost setroubleshoot: 2008-03-22 11:17:52,462 [program.ERROR] Can not handle AVC'S related to dispatcher. exiting setroubleshoot context=system_u:system_r:setroubleshootd_t:s0, AVC scontext=system_u:system_r:setroubleshootd_t:s0 Mar 22 11:17:53 myhost setroubleshoot: 2008-03-22 11:17:52,475 [program.ERROR] Can not handle AVC'S related to dispatcher. exiting setroubleshoot context=system_u:system_r:setroubleshootd_t:s0, AVC scontext=system_u:system_r:setroubleshootd_t:s0 Mar 22 11:17:52 myhost : SELinux is preventing /usr/sbin/automount (automount_t) "search" access to /proc/25/cmdline (kernel_t). For complete SELinux messages. run sealert -l 4db5f9d7-949a-4fb6-b7eb-3a3762d35684 Mar 22 11:17:52 myhost audispd: Socket error (32, 'Broken pipe') Mar 22 11:18:08 myhost gpm[3069]: *** info [startup.c(95)]: Mar 22 11:18:08 myhost gpm[3069]: Started gpm successfully. Entered daemon mode. Mar 22 11:18:11 myhost rhnsd[3154]: Red Hat Network Services Daemon starting up. Mar 22 12:18:29 myhost dbus: Can't send to audit system: USER_AVC avc: received policyload notice (seqno=2) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?) Mar 22 12:18:30 myhost setsebool: The httpd_enable_homedirs policy boolean was changed to true by root Mar 22 12:19:23 myhost auditd[2494]: dispatch err (pipe full) event lost Mar 22 12:22:20 myhost dbus: Can't send to audit system: USER_AVC avc: received policyload notice (seqno=3) : exe="?" (sauid=81, hostname=?, addr=?, terminal=?) Mar 22 12:22:21 myhost setsebool: The use_nfs_home_dirs policy boolean was changed to 1 by root
Thanks in advance.
Pad Hosmane wrote:
Hi,
I am on Red Hat enterprise 5. setroubleshoot is exiting and I cannot run sealert. I see below messages in logs. Any help in this regard would be of great help.
These types of errors are usually indicative of a mislabeled filesystem. Try relabeling and see if the problems resolve themselves. To relabel:
touch /.autorelabel; reboot
run sealert. I see below messages in logs. Any help in this regard
would
be of great help.
These types of errors are usually indicative of a mislabeled filesystem.
Try relabeling and see if the problems resolve themselves. To relabel:
touch /.autorelabel; reboot
selinux@lists.fedoraproject.org