[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Two different applets for updates .. no help content



Andrew Farris wrote:
Andrew Farris wrote:
Jim Cornette wrote:
Also SEtroubleshooter oes wild on my system and I had to disable it. Once an episode is encountered it should not bring up a balloon for each policy infringement. After several thousand denials the system gets a bit overloaded like a DOS condition. I hope it can be reformed to not put up a balloon with every episode.

With the new version it should have an option to keep the notification from showing when you've got setroubleshoot open already. I haven't checked whether that is in the version in rawhide yet, but John Dennis got that added after an RFE bug I posted for it.

I just checked and this did make it into the latest rawhide version, see /etc/setroubleshoot/setroubleshoot.cfg and look for [alert]. Setting use_notification = browser_hidden should do the trick. That will help with the annoyance during a major selinux problem.


That sounds like a worthy change. I ignored the balloon for awhile but the younger 6 yr. old grandchild would ask what was coming up when she was using the computer. The error causing the repeat balloon seemed to be this error. I checked the quiet checkbox for now and the balloon and system resources seems to be reduced.

Thanks!
Jim

--
"Little else matters than to write good code."
-- Karl Lehenbauer
Summary:

SELinux is preventing gam_server (gamin_t) "sys_ptrace" to <Unknown> (gamin_t).

Detailed Description:

SELinux denied access requested by gam_server. It is not expected that this
access is required by gam_server and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.

Allowing Access:

You can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.

Additional Information:

Source Context                system_u:system_r:gamin_t
Target Context                system_u:system_r:gamin_t
Target Objects                None [ capability ]
Source                        gam_server
Source Path                   /usr/libexec/gam_server
Port                          <Unknown>
Host                          HP-JCF7
Source RPM Packages           gamin-0.1.9-5.fc9
Target RPM Packages           
Policy RPM                    selinux-policy-3.3.1-19.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   catchall
Host Name                     HP-JCF7
Platform                      Linux HP-JCF7 2.6.25-0.113.rc5.git2.fc9 #1 SMP Tue
                              Mar 11 23:11:11 EDT 2008 i686 athlon
Alert Count                   236
First Seen                    Thu 20 Mar 2008 10:50:56 PM EDT
Last Seen                     Thu 20 Mar 2008 10:52:55 PM EDT
Local ID                      7f266d75-0650-4858-8f52-432c8759b20a
Line Numbers                  

Raw Audit Messages            

host=HP-JCF7 type=AVC msg=audit(1206067975.729:21643): avc:  denied  { sys_ptrace } for  pid=2215 comm="gam_server" capability=19 scontext=system_u:system_r:gamin_t:s0 tcontext=system_u:system_r:gamin_t:s0 tclass=capability

host=HP-JCF7 type=SYSCALL msg=audit(1206067975.729:21643): arch=40000003 syscall=195 success=no exit=-13 a0=85ff9b8 a1=bf9fcb20 a2=5e6ff4 a3=bf9fccbc items=0 ppid=1 pid=2215 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="gam_server" exe="/usr/libexec/gam_server" subj=system_u:system_r:gamin_t:s0 key=(null)



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]