I would bet you have a mislabeled machine that is generating hundreds of AVC's.
ausearch -m avc -ts today
If the system is mislabeled, the easiest thing to do would be
touch /.autorelabel; reboot
On 07/22/2014 07:02 PM, Rick Stevens wrote:
On 07/22/2014 01:23 PM, Patrick Dupre issued this missive:
Hello,
I have 2 machines running fedora 20, one from 2007 with a dual processor and 3 Go, and a recent one (2013) with a quad processor an 8 Go. But it is a lot more convenient to use the old machine!!! The recent one is always busy, 4 processors running 53.1 55.9 /usr/bin/python -Es /usr/sbin/setroublesootd -f and the memory becomes full quickly requiring swapping!! 8 Go for the OS and firefox! Something is wrong.
Should I kill setroublesootd?
The first thing is to see why you're getting AVC denials from SELinux in the first place. setroubleshootd should only fire if it's getting denials. Try running "sealert -b" and see if you're getting denials and what you can do about them.
- Rick Stevens, Systems Engineer, AllDigital ricks@alldigital.com -
- AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 -
-
To err is human, to moo bovine. -