Package: setroubleshoot Version: 2.2.52-1 Severity: important Adding this directory make sealert -b shows the messages while it was outputting an error in the status bar (which was not giving much insightsi : "Error while trying to check the policy version).
The : setroubleshootd -f -v -V 2010-01-29 20:31:01,517 [program.ERROR] failed to get filesystem list from rpm Traceback (most recent call last): File "/usr/lib/pymodules/python2.5/setroubleshoot/util.py", line 236, in get_standard_directories h = ts.dbMatch("name", "filesystem").next() StopIteration 2010-01-29 20:31:01,585 [database.DEBUG] created new database: name=audit_listener, friendly_name=Ecouteur d'Audit, filepath=/var/lib/setroubleshoot/audit_listener_database.xml 2010-01-29 20:31:01,608 [database.DEBUG] database version 3.0 compatible with current 3.0 version 2010-01-29 20:31:02,025 [plugin.DEBUG] load_plugins() names=['allow_nfsd_anon_write', 'firefox', 'tftpd_write_content', 'httpd_enable_homedirs', 'bind_ports', 'mounton', 'spamd_enable_home_dirs', 'allow_saslauthd_read_shadow', 'samba_share_nfs', 'ftpd_is_daemon', 'global_ssp', 'httpd_enable_cgi', 'httpd_use_cifs', 'named_write_master_zones', 'samba_export_all_rw', 'use_nfs_home_dirs', 'allow_mount_anyfile', 'nfs_export_all_rw', 'setenforce', 'allow_ftpd_full_access', 'httpd_builtin_scripting', 'prelink_mislabled', 'privoxy_connect_any', 'catchall', 'allow_cvs_read_shadow', 'httpd_ssi_exec', 'swapfile', 'public_content', 'fcron_crond', 'samba_share', 'execute', 'mmap_zero', 'restorecon', 'samba_export_all_ro', 'default', 'allow_execstack', 'inetd_bind_ports', 'secure_mode_insmod', 'allow_execheap', 'httpd_can_network_connect_db', 'allow_ftpd_anon_write', 'httpd_can_sendmail', 'httpd_can_network_relay', 'qemu_blk_image', 'httpd_write_content', 'allow_mplayer_execstack', 'allow_ httpd_anon_write', 'allow_daemons_dump_core', 'allow_ftpd_use_nfs', 'ftp_home_dir', 'allow_smbd_anon_write', 'user_tcp_server', 'use_samba_home_dirs', 'sys_module', 'httpd_tty_comm', 'qemu_file_image', 'allow_httpd_sys_script_anon_write', 'automount_exec_config', 'allow_zebra_write_config', 'device', 'httpd_bad_labels', 'filesystem_associate', 'httpd_use_nfs', 'httpd_enable_ftp_server', 'allow_execmod', 'samba_enable_home_dirs', 'wine', 'file', 'vbetool', 'allow_java_execstack', 'selinuxpolicy', 'allow_rsync_anon_write', 'rsync_data', 'nfs_export_all_ro', 'allow_kerberos', 'squid_connect_any', 'leaks', 'connect_ports', 'xen_image', 'catchall_boolean', 'pppd_can_insmod', 'cvs_data', 'secure_mode_policyload', 'allow_ypbind', 'kernel_modules', 'allow_postfix_local_write_mail_spool', 'allow_ftpd_use_cifs'] 2010-01-29 20:31:02,026 [plugin.INFO] importing /usr/share/setroubleshoot/plugins/__init__ as plugins 2010-01-29 20:31:02,256 [avc.DEBUG] Number of Plugins = 87 2010-01-29 20:31:02,261 [communication.DEBUG] parse_socket_address_list: input='{unix}/var/run/setroubleshoot/setroubleshoot_server' 2010-01-29 20:31:02,262 [communication.DEBUG] parse_socket_address_list: {unix}/var/run/setroubleshoot/setroubleshoot_server --> {unix}/var/run/setroubleshoot/setroubleshoot_server socket=None 2010-01-29 20:31:02,264 [communication.DEBUG] new_listening_socket: {unix}/var/run/setroubleshoot/setroubleshoot_server socket=None 2010-01-29 20:31:02,266 [server.INFO] creating system dbus: bus_name=org.fedoraproject.Setroubleshootd object_path=/org/fedoraproject/Setroubleshootd interface=org.fedoraproject.SetroubleshootdIface 2010-01-29 20:31:02,266 [server.DEBUG] dbus __init__ /org/fedoraproject/Setroubleshootd called 2010-01-29 20:31:12,267 [server.DEBUG] received signal=14 2010-01-29 20:31:12,268 [server.DEBUG] KeyboardInterrupt in RunFaultServer 2010-01-29 20:31:12,269 [database.DEBUG] writing database (/var/lib/setroubleshoot/audit_listener_database.xml) modified_count=0 leaded me to check if the socket was created in it and it was not as th directory was missing. I bet it explained the rpc error from sealert. Now that it is there (as root.root as the setroubleshootd service) the socket is created and sealert manage to grab the info it needs. I still get the keyboard interrupt with signal alarm (14) but I bet it does it as I run it from the command line. When started via dbus it runs ok as far as I am concerned. Hope this is the root cause and not a far stretched conclusion but I bet simply adding this directory to the package would do the trick. Cheers, Alban -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.32-trunk-486 Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages setroubleshoot depends on: ii consolekit 0.4.1-3 framework for defining and trackin ii dbus 1.2.16-2 simple interprocess messaging syst ii libapol4 3.3.6.ds-6 Security Enhanced Linux policy ana ii libatk1.0-0 1.29.4-1 The ATK accessibility toolkit ii libaudit0 1.7.13-1+b1 Dynamic library for security audit ii libc6 2.10.2-5 Embedded GNU C Library: Shared lib ii libcairo2 1.9.4-1 The Cairo 2D vector graphics libra ii libdbus-1-3 1.2.16-2 simple interprocess messaging syst ii libdbus-glib-1-2 0.82-2 simple interprocess messaging syst ii libfontconfig1 2.8.0-2 generic font configuration library ii libfreetype6 2.3.11-1 FreeType 2 font engine, shared lib ii libglib2.0-0 2.23.2-2 The GLib library of C routines ii libgtk2.0-0 2.19.4-1 The GTK+ graphical user interface ii libnotify1 [libnotify1-g 0.4.5-1 sends desktop notifications to a n ii libpango1.0-0 1.26.2-1 Layout and rendering of internatio ii libqpol1 3.3.6.ds-6 Security Enhanced Linux policy abs ii libselinux1 2.0.89-4 SELinux runtime shared libraries ii python 2.5.4-9 An interactive high-level object-o ii python-audit 1.7.13-1+b1 Python bindings for security audit ii python-dbus 0.83.0-1+b1 simple interprocess messaging syst ii python-gnome2 2.28.0-1 Python bindings for the GNOME desk ii python-gnomekeyring 2.28.0-5+b1 Python bindings for the GNOME keyr ii python-gtkhtml2 2.25.3-4.1+b2 Python bindings for the GtkHTML 2 ii python-libxml2 2.7.6.dfsg-2+b1 Python bindings for the GNOME XML ii python-notify 0.1.1-2+b1 Python bindings for libnotify ii python-rpm 4.7.2-1+b2 Python bindings for RPM ii python-support 1.0.6 automated rebuilding support for P ii rpm 4.7.2-1+b2 package manager for RPM ii setroubleshoot-plugins 2.1.35-1 Tool to help troubleshoot SELinux Versions of packages setroubleshoot recommends: ii auditd 1.7.13-1+b1 User space tools for security audi ii policycoreutils 2.0.77-1 SELinux core policy utilities ii selinux-policy-default 2:0.2.20091117-1 Strict and Targeted variants of th setroubleshoot suggests no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org