-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 05/31/2012 05:22 PM, m.roth@5-cent.us wrote:
Well, this is getting more and more unpleasant. Turned out my manager and the other admin were also working on this. One of the times they restarted *something*, or maybe my reinstall, took care of the first problem.
Now, however, we're seeing a ton of exceptions... and what's struck me is that I'm *not* getting the normal output from sealert. For example, sealert -v -l 42f9d4f6-6327-4030-b927-d17ab9f4f0d6 2012-05-31 16:52:13,387 [plugin.INFO] importing /usr/share/setroubleshoot/plugins/__init__ as plugins SELinux is preventing /bin/chmod from using the fowner capability.
I used the -v to try to get more; I'm not seeing the screenful that usually has more useful info. Could something have been screwed up with selinux, in some way? I know that the other admin installed something, but that was via a ruby-on-rails utility, and shouldn't have looked at anything, much less modified anything....
mark
_______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I would doubt it. Basically it looks like your XML database got corrupted. You could just remove it while setroubleshootd is not running, and then sealert would start working again.
you could do the following also.
ausearch -m avc -ts recent > /tmp/mylog sealert -a /tmp/mylog