Another selinux rant
Michael Wiktowy
michael.wiktowy at gmail.com
Mon Jan 7 17:06:14 UTC 2008
On Jan 7, 2008 11:50 AM, John Dennis <jdennis at redhat.com> wrote:
> Ralf Corsepius wrote:
> >> And have you done with this bug what I'm sure we all know we are
> >> supposed to do with bugs we find? :P
> > Done right now.
> >
> > This morning's reboot gave me another opportunity to take a somewhat
> > deeper look ;)
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id=427721
>
> Thank you Ralf, following up with a bugzilla is very much appreciated.
> The key to diagnosing the problem is right there in the syslog:
>
> setroubleshoot: [program.ERROR] Can not handle AVC'S related to the
> dispatcher. exiting
>
> tcontext=unconfined_u:system_r:setroubleshootd_t:s0
> scontext=unconfined_u:system_r:setroubleshootd_t:s0
>
> This means setroubleshootd saw an AVC that it generated itself. This
> should never happen and to prevent infinite recursion the daemon shuts
> down. This is most likely due to a policy bug. There were some known
> policy bugs early in F8 (before GOLD) related to setroubleshoot but
> those should have been fixed. Is your policy up to date?
I have been seeing the same thing very recently with a fully up to
date F8 installation that has never seen Rawhide. I thought that it
was related to my LiveCD creation but I had setroubleshoot applet
disconnect from the selinux deamon soon after my Sunday log rotation.
I will add my logs to this bug when I get a chance.
/Mike
More information about the fedora-devel-list
mailing list