[CentOS] evince file could not be saved

Daniel J Walsh dwalsh at redhat.com
Mon Jun 17 15:29:52 UTC 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/11/2013 03:28 PM, Michael Hennebry wrote:
> On Tue, 11 Jun 2013, Daniel J Walsh wrote:
> 
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>> 
>> On 06/10/2013 03:31 PM, Michael Hennebry wrote:
>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote:
>>> 
>>>> Michael Hennebry wrote:
>>>>> On Mon, 10 Jun 2013, Michael Hennebry wrote:
>>>>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote:
>>>>>>> Michael Hennebry wrote:
>>>>>>>> On Mon, 10 Jun 2013, m.roth at 5-cent.us wrote:
>>>>>>>>> Frank Cox wrote:
>>>>>>>>>> On Mon, 10 Jun 2013 12:15:15 -0500 (CDT) Michael
>>>>>>>>>> Hennebry wrote:
>>>> <snip>
>>>> 
>>>>>>>>> And I trust the filesystem isn't full? Or is selinux 
>>>>>>>>> enforcing?
>>>>>>>> 
>>>>>>>> The filesystem is not full the workaround works. selinux is
>>>>>>>> set for enforcing. [hennebry at 96-18-56-186 t2]$ ls -Zd /tmp 
>>>>>>>> drwxrwxrwt. root root system_u:object_r:tmp_t:s0       /tmp
>>>>>>>> 
>>>>>>>> I had no trouble making the absent directory.
>>>>>>> 
>>>>>>> Ahhhh... were there any selinux AVCs from when you tried to
>>>>>>> save before?
>>>> <snip>
>>>>> [root at 96-18-56-186 ~]# grep AVC /var/log/audit/audit.log 
>>>>> [root at 96-18-56-186 ~]# grep type= /var/log/audit/audit.log | wc
>>>>> 3571 52375  814962
>>>> 
>>>> ARGH!!! 3571 AVC's.... You need to find out what they're telling
>>>> you, and
>>> 
>>> No AVC's at all. The first grep came up empty. I just put in type= to 
>>> demonstrate that I was getting selinux messages.
>>> 
>>>> fix that, a combination of setsebool, semanage -P
>>>> <whatever>/restorecon -v <whatever>, and/or grep -i avc | tail 100 |
>>>> audit2allow to show you what it would do, and check the manpage for
>>>> audit2allow to get the flags right to create a module that you can
>>>> then load, as per the examples in the manpage.
> 
>> There are lots of messages in the audit.log that are not related to
>> SELinux error messages that have type=.
>> 
>> 
>> ausearch -m avc,user_avc
>> 
>> WIll show you all AVC messages.
> 
> From ausearch, I have AVC messages now, but they are all from May or from
> after I posted about evince.
> 
> I do not understand why I did not find the May ones with grep. grep still
> only gives me 7, the ones from June, and does ont give me times, even when
> I use -e time in the command line. From gview, .../audit.log does not
> contain an explicit time. Is it encoded somehow?
> 

Audit.log is being rolled, did you look at /var/log/audit/audit.log*


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlG/K3AACgkQrlYvE4MpobOiywCglzlShk+bvwxu16tyOUt3EZmd
56AAmgIaAZnTQvNkC1zGz7M7MGL15Hng
=3wHh
-----END PGP SIGNATURE-----



More information about the CentOS mailing list