[ale] SELinux & abrtd

Jim Kinney jim.kinney at gmail.com
Fri Sep 17 16:42:44 EDT 2010


I do but the server part is disabled. So I was unable to quickly pull up the
screen for reference.

On Fri, Sep 17, 2010 at 4:13 PM, Lightner, Jeff <jlightner at water.com> wrote:

>   Do you have the “setroubleshoot” package installed?   It is available
> for RHEL5.
>
>
>  ------------------------------
>
> *From:* ale-bounces at ale.org [mailto:ale-bounces at ale.org] *On Behalf Of *Jim
> Kinney
> *Sent:* Friday, September 17, 2010 3:51 PM
> *To:* Atlanta Linux Enthusiasts - Yes! We run Linux!
> *Subject:* Re: [ale] SELinux & abrtd
>
>
>
> I'm on a RHEL system right now and that tool is not installed.
>
> When the tool gives the error notice (flag in the upper tool bar
> notification area - looks like a red flag I think) there is a _long_ page of
> details. The command line is in the upper 1/3 before a horizontal bar. Below
> the bar is the FAQ and heavy details on the problems.
>
> On Fri, Sep 17, 2010 at 3:43 PM, Sean Kilpatrick <kilpatms at speakeasy.net>
> wrote:
>
> Jim,
>
> I just looked again at the extended "error output."
> It contains this line:
>
> You can generate a local policy module to allow this access - see FAQ
> Please file a bug report.
>
> FAQ is a link but there is no way to search that entire (LARGE) file for
> instructions on creating a "local policy module" so the effort is a waste
> of time.  There is, on the version of SELinux that comes with FC 13 (64-
> bit), no command line instruction included to unblock the offending app.
>
> Sean
>
>
> -----------------------------------------------------------------------------------
>
>
> On Friday, September 17, 2010 02:15:21 pm Jim Kinney wrote:
> > The popup notice has a "show extended/view details" feature. Included
> > in that is a command line instruction to run to allow the blocked
> > access. There are typically 2 ways to resolve these: temporary and
> > permanently. Do the temp version AND hit the bug notice button to send
> > the problem upstream.
> >
> > yeah, I know, the bug notice process is what croaked in the first
> > place. Usual abrtd stuff I've seen involve temp files (ditto on yum
> > selinux issues) so allowing the read/write is OK.
> >
> > On Fri, Sep 17, 2010 at 11:52 AM, Drifter <drifter at oppositelock.org>
> wrote:
> > >  got this message this morning:
> > > SELinux denied access requested by abrtd. It is not expected that
> > > this access is required by abrtd and this access may signal an
> > > intrusion attempt. It is also possible that the specific version or
> > > configuration of the application is causing it to require additional
> > > access.
> > >
> > > All I know about abrtd is what Google turned up:
> > >
> > > abrt is a tool to help users to detect defects in applications and
> > >
> > > to create a bug report with all informations needed by maintainer to
> > > fix it.
> > >
> > > It uses plugin system to extend its functionality.
> > >
> > >  So I think my question is
> > >
> > > How do I get SELinux to let the program do its thing?
> > >
> > > Or should I just not give a damn?
> > >
> > >  Sean
> > >
> > > _______________________________________________
> > > Ale mailing list
> > > Ale at ale.org
> > > http://mail.ale.org/mailman/listinfo/ale
> > > See JOBS, ANNOUNCE and SCHOOLS lists at
> > > http://mail.ale.org/mailman/listinfo
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
>
>
> --
> --
> James P. Kinney III
> I would rather stumble along in freedom than walk effortlessly in chains.
>
>
>  Proud partner. Susan G. Komen for the Cure.
>
>  *Please consider our environment before printing this e-mail or
> attachments.*
>  ----------------------------------
> CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential
> information and is for the sole use of the intended recipient(s). If you are
> not the intended recipient, any disclosure, copying, distribution, or use of
> the contents of this information is prohibited and may be unlawful. If you
> have received this electronic transmission in error, please reply
> immediately to the sender that you have received the message in error, and
> delete it. Thank you.
> ----------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>


-- 
-- 
James P. Kinney III
I would rather stumble along in freedom than walk effortlessly in chains.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20100917/07f37a12/attachment-0001.html 


More information about the Ale mailing list