temd-devel/2014-October/023909.html
--
Michael Scherer
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
On Sun, Oct 12, 2014 at 02:23:22AM +0200, Michael scherer wrote:
> On Sun, Oct 12, 2014 at 01:40:29AM +0200, Michael scherer wrote:
> > So, investigating the problem.
> >
> > The issue is that :
> >
> > ReadOnlyDirectories = /
> >
> > make aa_chang
On Sun, Oct 12, 2014 at 01:40:29AM +0200, Michael scherer wrote:
> So, investigating the problem.
>
> The issue is that :
>
> ReadOnlyDirectories = /
>
> make aa_change_onexec fail with
>
> Oct 11 23:22:25 test-debian systemd[1985]: Failed at step APPARMOR spa
So, investigating the problem.
The issue is that :
ReadOnlyDirectories = /
make aa_change_onexec fail with
Oct 11 23:22:25 test-debian systemd[1985]: Failed at step APPARMOR spawning
/usr/bin/tor: Read-only file system
( once there is proper reporting ). I suspect the issue is upstream, wi
On Sat, Oct 11, 2014 at 10:12:44AM +0200, intrigeri wrote:
> Hi,
>
> Michael Scherer wrote (11 Oct 2014 05:51:39 GMT) :
> > Unfortunately, it seems the error code of aa_change_onexec is not
> > propagated,
> > which is a bug ( my fault, will correct upstream ). In
Unfortunately, it seems the error code of aa_change_onexec is not propagated,
which is a bug ( my fault, will correct upstream ). In the mean time, I guess
we will have to use strace and/or gdb to get it and see what is going on.
I will try to take a look later, once I can find a VM to debug it.
:s0 tclass=capability
So i think integrating my patch would help to work toward a fix. There
is no reason to apply this only on redhat based distribution, so the
patch seems harmless to enable in unstable.
--
Michael Scherer
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.deb
ream and wait
> until it trickles back to debian.
Well, the less AVC it generate, the better it is for debugging of
selinux policy.
--
Michael Scherer
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Control: tags -1 + patch
Index: refpolicy-2.20110726/policy/modules/system/logging.fc
===
--- refpolicy-2.20110726.orig/policy/modules/system/logging.fc 2013-05-08 22:16:18.577828083 +0200
+++ refpolicy-2.20110726/policy/modules/syst
Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
Hi,
Using the default postfix configuration and selinux, there is several AVC in
the logs like this
avc: denied { write } for pid=548 comm="rsyslogd" name="dev" dev=sda1
ino=137040 scontext=system_u:system_r:syslogd_t
Control: tags -1 + patch
Index: refpolicy-2.20110726/policy/modules/services/irqbalance.te
===
--- refpolicy-2.20110726.orig/policy/modules/services/irqbalance.te 2013-05-08 17:09:18.225769368 +0200
+++ refpolicy-2.20110726/policy/modu
Control: tags -1 + patch
Index: refpolicy-2.20110726/policy/modules/system/miscfiles.fc
===
--- refpolicy-2.20110726.orig/policy/modules/system/miscfiles.fc 2011-03-28 17:05:16.0 +0200
+++ refpolicy-2.20110726/policy/modules/sy
Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
Hi,
Booting a system with systemd and SElinux, i have seen the following AVC :
May 5 14:22:36 venser dbus[511]: avc: denied { send_msg } for
msgtype=method_return dest=:1.2 spid=515 tpid=647
scontext=system_u:system
Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
Hi,
Having decided to give a test at SElinux, I have installed a debian 6.0 and
later
upgraded to 7.0. As recommended on the wiki, I first did a boot with selinux in
permissive mode to see if there is potential errors, a
Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
Hi,
on boot, I see this AVC :
May 5 14:28:40 venser kernel: [ 379.071332] type=1400
audit(1367756920.294:11): avc: denied { read } for pid=515
comm="systemd-logind" name="cpu" dev=tmpfs ino=3309
scontext=system_u:s
Package: selinux-policy-default
Version: 2:2.20110726-12
Severity: normal
Hi,
on a freshly upgraded wheey, on boot, ircbalance produce a avc :
May 5 14:22:32 venser kernel: [ 11.593105] type=1400
audit(1367756552.598:9): avc: denied { getsched } for pid=549
comm="irqbalance" scontext=sys
It seems the package was not uploaded to experimental, or I am unable to
find it ? Is there something blocking upload ?
--
Michael Scherer
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Package: ocsinventory-reports
Version: 1.01-2
Severity: normal
After installing the ocsreports interface, without changing anything to the
apache
configuration, you cannot access to the documentation, by clicking on the
leftmost
icon, pointing on http://$SERVER/doc/ocsinventory-reports/guide.pdf
r .pyo left from some upgrade. Since it was
reproductible on another computer, I didn't look further.
Sorry for the noise.
I think the bug report should be closed
--
Michael Scherer
Package: rawdog
Version: 2.4-1
Severity: important
Installing rawdog on a system without any python xml packages result in a error
:
[EMAIL PROTECTED] misc] $ rawdog -u
Feed:http://del.icio.us/rss/misc
Error parsing feed.
The debugger show the error comes from feedparser.py, when pars
20 matches
Mail list logo
