FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor


 
 
LinkBack Thread Tools
 
Old 03-24-2008, 11:04 AM
Eric Paris
 
Default gconf alert

On Sun, 2008-03-23 at 07:34 -0400, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Valent Turkovic wrote:
> > Here are the latest ones from F8.
> >
> > I'll reboot to F9 beta and send those also.
> >
> > Valent.
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > --
> > fedora-selinux-list mailing list
> > fedora-selinux-list@redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> I believe you have some stuff out in /tmp that is causing this. /tmp is
> not cleaned up on a relabel.

/me had great trouble with this in the past. Any way /.autorelabel can
just blow away /tmp/* altogether? Didn't it do that once upon a time?

-Eric

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 03-24-2008, 05:59 PM
Andrew Farris
 
Default gconf alert

Eric Paris wrote:

/me had great trouble with this in the past. Any way /.autorelabel can
just blow away /tmp/* altogether? Didn't it do that once upon a time?


After suggestion from Dan in another thread I've changed my rawhide systems to
use tmpfs for /tmp and its working very nicely. I have had no problems with it
other than needing to manually define a tmp location for nautilus-burner (I used
/opt); the basic tmpfs setup leaves tmp too small for burning big images, but
that is the only thing I've needed a huge tmp for so far.


I'm using:
tmpfs /tmp tmpfs defaults 0 0

--
Andrew Farris <lordmorgul@gmail.com> www.lordmorgul.net
gpg 0xC99B1DF3 fingerprint CDEC 6FAD BA27 40DF 707E A2E0 F0F6 E622 C99B 1DF3
No one now has, and no one will ever again get, the big picture. - Daniel Geer
---- ----

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 03-25-2008, 08:11 AM
"Valent Turkovic"
 
Default gconf alert

On Sun, Mar 23, 2008 at 6:11 AM, Andrew Farris <lordmorgul@gmail.com> wrote:
> Valent Turkovic wrote:
> > Here are the latest ones from F8.
> >
> > I'll reboot to F9 beta and send those also.
> >
> > Valent.
>
> Can you try logging in via startx rather than GDM and see if it keeps happening?
> I'd be interested to know. My recent problem with GDM logging my user in as
> bootloader_t has just disappeared and I'm not sure why (although there was a
> policy and gdm version update, so it could have been fixed accidentally).

I updated gdm today and I still see issues, just look at my atachement.
I deleted /tmp completely and relabeled my rawhide againg, and just
look at the number of alerts I get!

I'll try startx now to see if it helps.

Valent.



--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic
--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 03-25-2008, 08:12 AM
"Valent Turkovic"
 
Default gconf alert

On Tue, Mar 25, 2008 at 10:11 AM, Valent Turkovic
<valent.turkovic@gmail.com> wrote:
> On Sun, Mar 23, 2008 at 6:11 AM, Andrew Farris <lordmorgul@gmail.com> wrote:
> > Valent Turkovic wrote:
> > > Here are the latest ones from F8.
> > >
> > > I'll reboot to F9 beta and send those also.
> > >
> > > Valent.
> >
> > Can you try logging in via startx rather than GDM and see if it keeps happening?
> > I'd be interested to know. My recent problem with GDM logging my user in as
> > bootloader_t has just disappeared and I'm not sure why (although there was a
> > policy and gdm version update, so it could have been fixed accidentally).
>
> I updated gdm today and I still see issues, just look at my atachement.
> I deleted /tmp completely and relabeled my rawhide againg, and just
> look at the number of alerts I get!
>
> I'll try startx now to see if it helps.

Only thing I noticed is that npviewer alerts are caused by starting firefox 3.


--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

--
fedora-devel-list mailing list
fedora-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-devel-list
 
Old 03-27-2008, 09:08 AM
"Valent Turkovic"
 
Default gconf alert

On Tue, Mar 25, 2008 at 10:51 AM, Valent Turkovic
<valent.turkovic@gmail.com> wrote:
> On Tue, Mar 25, 2008 at 10:34 AM, Valent Turkovic
>
> <valent.turkovic@gmail.com> wrote:
> > On Tue, Mar 25, 2008 at 10:11 AM, Valent Turkovic
> >
> > <valent.turkovic@gmail.com> wrote:
> >
> > > On Sun, Mar 23, 2008 at 6:11 AM, Andrew Farris <lordmorgul@gmail.com> wrote:
> > > > Valent Turkovic wrote:
> > > > > Here are the latest ones from F8.
> > > > >
> > > > > I'll reboot to F9 beta and send those also.
> > > > >
> > > > > Valent.
> > > >
> > > > Can you try logging in via startx rather than GDM and see if it keeps happening?
> > > > I'd be interested to know. My recent problem with GDM logging my user in as
> > > > bootloader_t has just disappeared and I'm not sure why (although there was a
> > > > policy and gdm version update, so it could have been fixed accidentally).
> > >
> > I updated gdm today and I still see issues, just look at my
> > atachement. I deleted /tmp completely and relabeled my rawhide
> > againg, and just look at the number of alerts I get!
> >
> > I'll try startx now to see if it helps.
>
> I went to VT1 and did init 3 as root and in VT2 as regular users I
> started gnome with startx command. Before that I deleted all selinux
> alerts and these are the alerts I get from logging to gnome only. If
> you want or need some specific alert just tell me which one and I'll
> send it to you.
>
> Please look at the attachement.
>
>
>
> Cheers,
> Valent.
>

Has anybody taken a look at this? I'm seeing hundreds of selinux
alerts with each command I start be it as root (yum install... ) or
just as a regular user (firefox, gnome-terminal ...)

Any idea why is this happening?

Valent.


--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 03-27-2008, 09:39 AM
"Valent Turkovic"
 
Default gconf alert

On Thu, Mar 27, 2008 at 11:08 AM, Valent Turkovic
<valent.turkovic@gmail.com> wrote:
> On Tue, Mar 25, 2008 at 10:51 AM, Valent Turkovic
>
>
> <valent.turkovic@gmail.com> wrote:
> > On Tue, Mar 25, 2008 at 10:34 AM, Valent Turkovic
> >
> > <valent.turkovic@gmail.com> wrote:
> > > On Tue, Mar 25, 2008 at 10:11 AM, Valent Turkovic
> > >
> > > <valent.turkovic@gmail.com> wrote:
> > >
> > > > On Sun, Mar 23, 2008 at 6:11 AM, Andrew Farris <lordmorgul@gmail.com> wrote:
> > > > > Valent Turkovic wrote:
> > > > > > Here are the latest ones from F8.
> > > > > >
> > > > > > I'll reboot to F9 beta and send those also.
> > > > > >
> > > > > > Valent.
> > > > >
> > > > > Can you try logging in via startx rather than GDM and see if it keeps happening?
> > > > > I'd be interested to know. My recent problem with GDM logging my user in as
> > > > > bootloader_t has just disappeared and I'm not sure why (although there was a
> > > > > policy and gdm version update, so it could have been fixed accidentally).
> > > >
> > > I updated gdm today and I still see issues, just look at my
> > > atachement. I deleted /tmp completely and relabeled my rawhide
> > > againg, and just look at the number of alerts I get!
> > >
> > > I'll try startx now to see if it helps.
> >
> > I went to VT1 and did init 3 as root and in VT2 as regular users I
> > started gnome with startx command. Before that I deleted all selinux
> > alerts and these are the alerts I get from logging to gnome only. If
> > you want or need some specific alert just tell me which one and I'll
> > send it to you.
> >
> > Please look at the attachement.
> >
> >
> >
> > Cheers,
> > Valent.
> >
>
> Has anybody taken a look at this? I'm seeing hundreds of selinux
> alerts with each command I start be it as root (yum install... ) or
> just as a regular user (firefox, gnome-terminal ...)
>
> Any idea why is this happening?
>
>
>
> Valent.

I'm creating live cds under rawhide and I have selinux in permissive
mode, could that be reason I'm seeing these hundreds of alerts?

Valent.


--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 03-27-2008, 04:36 PM
John Dennis
 
Default gconf alert

Valent Turkovic wrote:

I'm creating live cds under rawhide and I have selinux in permissive
mode, could that be reason I'm seeing these hundreds of alerts?


https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html

--
John Dennis <jdennis@redhat.com>

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 03-28-2008, 10:47 AM
"Valent Turkovic"
 
Default gconf alert

On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis@redhat.com> wrote:
> Valent Turkovic wrote:
> > I'm creating live cds under rawhide and I have selinux in permissive
> > mode, could that be reason I'm seeing these hundreds of alerts?
>
> https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html
>
> --
> John Dennis <jdennis@redhat.com>
>

Ok, I'm an idiot I got so much going on at once (work, moving to
new apartment, etc...) that I totally forgot I got this replied
already.

But I want to keep in permissive an not enforcing mode so is just
"load_policy" enough ?

Cheers,
Valent.

--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 03-29-2008, 03:55 PM
Daniel J Walsh
 
Default gconf alert

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Valent Turkovic wrote:
> On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis@redhat.com> wrote:
>> Valent Turkovic wrote:
>> > I'm creating live cds under rawhide and I have selinux in permissive
>> > mode, could that be reason I'm seeing these hundreds of alerts?
>>
>> https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html
>>
>> --
>> John Dennis <jdennis@redhat.com>
>>
>
> Ok, I'm an idiot I got so much going on at once (work, moving to
> new apartment, etc...) that I totally forgot I got this replied
> already.
>
> But I want to keep in permissive an not enforcing mode so is just
> "load_policy" enough ?
>
> Cheers,
> Valent.
>
load_policy and you might need to kill any processes that are running as
unlabeled_t. Potentially you could have files that are mislabeled.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkfudJQACgkQrlYvE4MpobMfuACcDhnRsx5dXJ JoS3HGf5J4YFqp
ipMAoInLsgUWE9688LhmKhbLwkbxjBL9
=WeE3
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 
Old 04-06-2008, 08:37 AM
"Valent Turkovic"
 
Default gconf alert

On Sat, Apr 5, 2008 at 9:21 PM, Daniel J Walsh <dwalsh@redhat.com> wrote:
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Valent Turkovic wrote:
> > On Sat, Mar 29, 2008 at 6:55 PM, Daniel J Walsh <dwalsh@redhat.com> wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> Valent Turkovic wrote:
> >>
> >>> On Thu, Mar 27, 2008 at 6:36 PM, John Dennis <jdennis@redhat.com> wrote:
> >> >> Valent Turkovic wrote:
> >> >> > I'm creating live cds under rawhide and I have selinux in permissive
> >> >> > mode, could that be reason I'm seeing these hundreds of alerts?
> >> >>
> >> >> https://www.redhat.com/archives/fedora-selinux-list/2008-March/msg00130.html
> >> >>
> >> >> --
> >> >> John Dennis <jdennis@redhat.com>
> >> >>
> >> >
> >> > Ok, I'm an idiot I got so much going on at once (work, moving to
> >> > new apartment, etc...) that I totally forgot I got this replied
> >> > already.
> >> >
> >> > But I want to keep in permissive an not enforcing mode so is just
> >> > "load_policy" enough ?
> >> >
> >> > Cheers,
> >> > Valent.
> >> >
> >> load_policy and you might need to kill any processes that are running as
> >> unlabeled_t. Potentially you could have files that are mislabeled.
> >
> >
> >
> > I made several load_policy and relabels with reboot ans I still see
> > these errors!
> > Do you have any idea why?
> >
> > Cheers,
> > Valent
> > .
> >
> >
> Do you have two policy files in /etc/selinux/targeted/policy?

# ls -al /etc/selinux/targeted/policy
total 4056
drwxr-xr-x 2 root root 4096 2008-04-03 23:05 .
drwxr-xr-x 5 root root 4096 2008-04-03 23:05 ..
-rw-r--r-- 1 root root 4128435 2008-04-03 23:05 policy.21

as you can see I have only on file in policy directory

> If you do, remove the lower version and then execute load_policy,
> Relabel the file in question and you should not have a problem. If the
> file is in /tmp you can remove it or set its label to tmp_t.

I'm going now to move all files from /tmp to another folder and then
if reboot succeeds I'll delete those files and see if I still see
selinux alerts.

So you haven't seen this kind of error? Nobody has reported anything similar?

Valent.

--
http://kernelreloaded.blog385.com/
linux, blog, anime, spirituality, windsurf, wireless
registered as user #367004 with the Linux Counter, http://counter.li.org.
ICQ: 2125241, Skype: valent.turkovic

--
fedora-selinux-list mailing list
fedora-selinux-list@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
 

Thread Tools




All times are GMT. The time now is 01:18 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org