setroubleshoot-3.3.24-1
- Add 'fur' into shipped locales - Update translations - Log full reports with correct syslog identifier - Cancel pending alarm during AVC analyses
This commit is contained in:
Petr Lautrbach
parent
5886bbdd11
commit
beb2a71e3f
1
.gitignore
vendored
1
.gitignore
vendored
@ -208,3 +208,4 @@ setroubleshoot-2.2.93.tar.gz
|
||||
/setroubleshoot-3.3.21.tar.gz
|
||||
/setroubleshoot-3.3.22.tar.gz
|
||||
/setroubleshoot-3.3.23.tar.gz
|
||||
/setroubleshoot-3.3.24.tar.gz
|
||||
|
||||
@ -1,80 +0,0 @@
|
||||
From dbf63d5f6f9d9152fa2b9e7eafb4d31a2d482d21 Mon Sep 17 00:00:00 2001
|
||||
From: Petr Lautrbach <plautrba@redhat.com>
|
||||
Date: Wed, 27 May 2020 11:15:38 +0200
|
||||
Subject: [PATCH] framework: Cancel pending alarm during AVC analyses
|
||||
|
||||
Previously the alarm was reset only in main DBUS thread and only when a new AVC
|
||||
appeared. In cases when there were several AVC messages in short time, analyses
|
||||
could take more than a default timeout and later analyses were not saved to
|
||||
the database. Now we cancel pending timeouts before analyze_avc() and reset the
|
||||
timeout back to default when it's done.
|
||||
|
||||
Fixes:
|
||||
$ journalctl | grep 'sealert -l'
|
||||
setroubleshoot[314039]: SELinux is preventing bash from search access on the directory .local. For complete SELinux messages run: sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a
|
||||
|
||||
$ sealert -l ccf3307a-f4ab-4584-87c6-63884daf841a
|
||||
Error
|
||||
query_alerts error (1003): id (ccf3307a-f4ab-4584-87c6-63884daf841a) not found
|
||||
---
|
||||
framework/src/setroubleshoot/analyze.py | 8 +++++++-
|
||||
framework/src/setroubleshoot/server.py | 2 +-
|
||||
2 files changed, 8 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/framework/src/setroubleshoot/analyze.py b/framework/src/setroubleshoot/analyze.py
|
||||
index 43b2484be353..9ff12886fd32 100644
|
||||
--- a/framework/src/setroubleshoot/analyze.py
|
||||
+++ b/framework/src/setroubleshoot/analyze.py
|
||||
@@ -31,6 +31,7 @@ __all__ = ['AnalyzeThread',
|
||||
import syslog
|
||||
from gi.repository import GObject, GLib
|
||||
import os
|
||||
+import signal
|
||||
import time
|
||||
import threading
|
||||
import traceback
|
||||
@@ -225,22 +226,27 @@ class Analyze(object):
|
||||
|
||||
class AnalyzeThread(Analyze, threading.Thread):
|
||||
|
||||
- def __init__(self, queue):
|
||||
+ def __init__(self, queue, timeout=10):
|
||||
# parent class constructors
|
||||
threading.Thread.__init__(self)
|
||||
Analyze.__init__(self)
|
||||
|
||||
self.queue = queue
|
||||
+ self.timeout = timeout
|
||||
|
||||
def run(self):
|
||||
while True:
|
||||
try:
|
||||
avc, report_receiver = self.queue.get()
|
||||
+ syslog.syslog(syslog.LOG_DEBUG, "AnalyzeThread.run(): Cancel pending alarm")
|
||||
+ signal.alarm(0)
|
||||
self.analyze_avc(avc, report_receiver)
|
||||
except Exception as e:
|
||||
syslog.syslog(syslog.LOG_ERR, "Exception during AVC analysis: %s" % e)
|
||||
except ValueError as e:
|
||||
syslog.syslog(syslog.LOG_ERR, "Exception during AVC analysis: %s" % e)
|
||||
+ syslog.syslog(syslog.LOG_DEBUG, "AnalyzeThread.run(): Set alarm timeout to {}".format(self.timeout))
|
||||
+ signal.alarm(self.timeout)
|
||||
|
||||
#------------------------------------------------------------------------------
|
||||
|
||||
diff --git a/framework/src/setroubleshoot/server.py b/framework/src/setroubleshoot/server.py
|
||||
index 9f25a480fc01..167e58634db5 100755
|
||||
--- a/framework/src/setroubleshoot/server.py
|
||||
+++ b/framework/src/setroubleshoot/server.py
|
||||
@@ -810,7 +810,7 @@ def RunFaultServer(timeout=10):
|
||||
# results of the analysis are to go) are included in the queued
|
||||
# object along with the data to analyze.
|
||||
|
||||
- analyze_thread = AnalyzeThread(analysis_queue)
|
||||
+ analyze_thread = AnalyzeThread(analysis_queue, timeout)
|
||||
analyze_thread.setDaemon(True)
|
||||
analyze_thread.start()
|
||||
|
||||
--
|
||||
2.26.2
|
||||
|
||||
8846
0001-framework-Update-translations.patch
Normal file
8846
0001-framework-Update-translations.patch
Normal file
File diff suppressed because it is too large
Load Diff
@ -3,15 +3,15 @@
|
||||
|
||||
Summary: Helps troubleshoot SELinux problems
|
||||
Name: setroubleshoot
|
||||
Version: 3.3.23
|
||||
Release: 5%{?dist}
|
||||
Version: 3.3.24
|
||||
Release: 1%{?dist}
|
||||
License: GPLv2+
|
||||
URL: https://pagure.io/setroubleshoot
|
||||
Source0: https://releases.pagure.org/setroubleshoot/%{name}-%{version}.tar.gz
|
||||
Source1: %{name}.tmpfiles
|
||||
# git format-patch -N setroubleshoot-3.3.23 -- framework
|
||||
# git format-patch -N setroubleshoot-3.3.24 -- framework
|
||||
# i=1; for j in 00*patch; do printf "Patch%04d: %s\n" $i $j; i=$((i+1));done
|
||||
Patch0001: 0001-framework-Cancel-pending-alarm-during-AVC-analyses.patch
|
||||
Patch0001: 0001-framework-Update-translations.patch
|
||||
BuildRequires: gcc
|
||||
BuildRequires: libcap-ng-devel
|
||||
BuildRequires: intltool gettext python3 python3-devel
|
||||
@ -200,6 +200,12 @@ SELinux troubleshoot legacy applet
|
||||
%{_bindir}/seappletlegacy
|
||||
|
||||
%changelog
|
||||
* Tue Oct 13 2020 Petr Lautrbach <plautrba@redhat.com> - 3.3.24-1
|
||||
- Add 'fur' into shipped locales
|
||||
- Update translations
|
||||
- Log full reports with correct syslog identifier
|
||||
- Cancel pending alarm during AVC analyses
|
||||
|
||||
* Sat Aug 01 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.23-5
|
||||
- Second attempt - Rebuilt for
|
||||
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||
|
||||
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (setroubleshoot-3.3.23.tar.gz) = 896fe0ef3929bc0894b5ab2a3bf54cad68efc5897d8700ae042b249de4f74d0804eabffb0ef2840b39c595b8c62f55cb9a1e94ecdff68ef001095266d4414544
|
||||
SHA512 (setroubleshoot-3.3.24.tar.gz) = ba96206fe135a719b685c825a69ebf7f9f6d99c6a24fb135763da9cee5ad14b1afdca5da1465374d327eb51ff830727a20b79ec51902e50f2e790661c63c0a0d
|
||||
|
||||
Loading…
Reference in New Issue
Block a user