on machine with CPU -> 100%, lots of avc's
Manuel Wolfshant
wolfy at nobugconsulting.ro
Wed Feb 4 23:35:30 UTC 2009
On 02/04/2009 08:46 PM, Antonio Olivares wrote:
>
> --- On Wed, 2/4/09, Dominick Grift <domg472 at gmail.com> wrote:
>
>
>> From: Dominick Grift <domg472 at gmail.com>
>> Subject: Re: on machine with CPU -> 100%, lots of avc's
>> To: olivares14031 at yahoo.com
>> Cc: fedora-selinux-list at redhat.com, fedora-test-list at redhat.com
>> Date: Wednesday, February 4, 2009, 9:33 AM
>> Op woensdag 04-02-2009 om 08:39 uur [tijdzone -0800],
>> schreef Antonio
>> Olivares:
>>
>>
>>> setroubleshooter does not kick in and I find these via
>>>
>> dmesg.
>>
>>> Thanks for help/advice provided.
>>>
>>
>> Do you not have auditd enabled? Usually the avc denials are
>> in /var/log/audit/audit.log
>>
>> The avc denials are (most likely) due to missing policy.
>> You can pipe
>> them into the input stream of audit2why to confirm this.
>>
>>
>>> --
>>>
>
>
> I wonder what is wrong auditd is not running :(, it is enabled via services, but it is not working:
>
>
Make sure it has enough space on disk.It will commit suicide if the disk
is near full.
> [olivares at localhost ~]$ su -
> Password:
> [root at localhost ~]# chkconfig auditd --list
> auditd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
> [root at localhost ~]# service auditd status
> auditd is stopped
> [root at localhost ~]#
>
>
>
More information about the fedora-selinux-list
mailing list