View Issue Details

IDProjectCategoryView StatusLast Update
0016216CentOS-7setroubleshootpublic2019-06-26 01:36
Reporterrk-centosbug 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0016216: [abrt] setroubleshoot-server: audit_data.py:563:is_granted:KeyError: 'seresult'
DescriptionDescription of problem:
Attempting to use sealert -a /var/log/messages via cli since Gui of late is not giving me desktop alert notifications yet messages shows avc denials

Reproduced via
# sudo sealert -a /var/log/messages
0% doneTraceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 644, in task
    self.new_audit_record_handler(record_type, event_id, body_text, fields, line_number)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 669, in new_audit_record_handler
    self.avc_event_handler(audit_event)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 653, in avc_event_handler
    log_debug('avc_event_handler() audit_event=%s' % audit_event)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/audit_data.py", line 494, in __str__
    (self.event_id, self.is_avc(), self.is_granted(),
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/audit_data.py", line 563, in is_granted
    seresult = avc_record.fields['seresult']
KeyError: 'seresult'

Then hangs and get this abrt pop up

Need to upload /var/log/messages

Not sure if this is right use

Version-Release number of selected component:
setroubleshoot-server-3.2.30-3.el7

Truncated backtrace:
audit_data.py:563:is_granted:KeyError: 'seresult'

Traceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 644, in task
    self.new_audit_record_handler(record_type, event_id, body_text, fields, line_number)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 669, in new_audit_record_handler
    self.avc_event_handler(audit_event)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 653, in avc_event_handler
    log_debug('avc_event_handler() audit_event=%s' % audit_event)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/audit_data.py", line 494, in __str__
    (self.event_id, self.is_avc(), self.is_granted(),
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/audit_data.py", line 563, in is_granted
    seresult = avc_record.fields['seresult']
KeyError: 'seresult'

Local variables in innermost frame:
avc_record: <setroubleshoot.audit_data.AuditRecord object at 0x7f57886e4990>
self: <setroubleshoot.audit_data.AuditEvent object at 0x7f57886e49d0>
Additional Informationreporter: libreport-2.1.11.1
cmdline: /usr/bin/python -Es /bin/sealert -a /var/log/messages
executable: /bin/sealert
kernel: 3.10.0-957.21.2.el7.x86_64
pkg_fingerprint: 24C6 A8A7 F4A8 0EB5
pkg_vendor: CentOS
reproducible: Not sure how to reproduce the problem
runlevel: N 5
type: Python
uid: 0
TagsNo tags attached.
abrt_hash3c264fe0b573486ceecdcd028c7aefc4cf25f196
URLhttps://retrace.fedoraproject.org/faf/reports/bthash/76ebcfa72a3c1e6a119bd064c9ced320029c3fcd

Activities

rk-centosbug

rk-centosbug

2019-06-26 00:42

reporter  

backtrace (1,078 bytes)
audit_data.py:563:is_granted:KeyError: 'seresult'

Traceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 644, in task
    self.new_audit_record_handler(record_type, event_id, body_text, fields, line_number)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 669, in new_audit_record_handler
    self.avc_event_handler(audit_event)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/analyze.py", line 653, in avc_event_handler
    log_debug('avc_event_handler() audit_event=%s' % audit_event)
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/audit_data.py", line 494, in __str__
    (self.event_id, self.is_avc(), self.is_granted(),
  File "/usr/lib64/python2.7/site-packages/setroubleshoot/audit_data.py", line 563, in is_granted
    seresult = avc_record.fields['seresult']
KeyError: 'seresult'

Local variables in innermost frame:
avc_record: <setroubleshoot.audit_data.AuditRecord object at 0x7f57886e4990>
self: <setroubleshoot.audit_data.AuditEvent object at 0x7f57886e49d0>
backtrace (1,078 bytes)
environ (2,145 bytes)
LOGNAME=robertk
USER=robertk
QTDIR=/usr/lib64/qt-3.3
XDG_VTNR=1
PATH=/sbin:/bin:/usr/sbin:/usr/bin
DISPLAY=:0
LANG=en_AU.utf8
TERM=xterm-256color
SHELL=/bin/bash
XAUTHORITY=/tmp/kde-robertk/xauth-1000-_0
LANGUAGE=
HISTSIZE=1000
SUDO_USER=robertk
HOME=/root
USERNAME=robertk
SUDO_UID=1000
XDG_SESSION_ID=1
SUDO_COMMAND=/bin/sealert -a /var/log/messages
SUDO_GID=1000
HOSTNAME=earth
MAIL=/var/spool/mail/robertk
LS_COLORS=rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:
XDG_SEAT=seat0
environ (2,145 bytes)
machineid (135 bytes)
systemd=07917d6d300540dda633fe4d779e2c28
sosreport_uploader-dmidecode=dbf8b137fc5bdc0aee3bc8ef11e9d8ef0e513af4b2a0e5cf7da65fac0e0f736a
machineid (135 bytes)
rk2-centosbug

rk2-centosbug

2019-06-26 01:36

reporter   ~0034722

Further investigation
$ sudo systemctl status auditd.service
[sudo] password for xxxx:
‚óŹ auditd.service - Security Auditing Service
   Loaded: loaded (/usr/lib/systemd/system/auditd.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Fri 2019-06-14 12:30:22 AEST; 1 weeks 4 days ago
     Docs: man:auditd(8)
           https://github.com/linux-audit/audit-documentation

Jun 14 12:30:22 earth systemd[1]: Starting Security Auditing Service...
Jun 14 12:30:22 earth auditd[9624]: Started dispatcher: /sbin/audispd pid: 9626
Jun 14 12:30:22 earth auditd[9624]: Cannot resolve hostname earth (Temporary failure in name resolution)
Jun 14 12:30:22 earth auditd[9624]: The audit daemon is exiting.
Jun 14 12:30:22 earth systemd[1]: auditd.service: control process exited, code=exited status=1
Jun 14 12:30:22 earth systemd[1]: Failed to start Security Auditing Service.
Jun 14 12:30:22 earth systemd[1]: Unit auditd.service entered failed state.
Jun 14 12:30:22 earth systemd[1]: auditd.service failed.

This would appear to explain why I have not of late received AVC denial reports. Investigating further but suspect this abrt report can be closed.

Issue History

Date Modified Username Field Change
2019-06-26 00:42 rk-centosbug New Issue
2019-06-26 00:42 rk-centosbug File Added: backtrace
2019-06-26 00:42 rk-centosbug File Added: environ
2019-06-26 00:42 rk-centosbug File Added: machineid
2019-06-26 01:36 rk2-centosbug Note Added: 0034722