Re: Who? Me?? Attacked???
Junk writes: > It also might be something much more mundane such as a bug in the > browser which occurs when you have 100+ tabs open and tries to write to > a misaddressed memory region. It may well be some malloc()-like routine returning 0, saying "no more memory for you buddy" and the code blindly dereferencing that value and causing a write to the 0-page. It is a common error with sloppy coders. -wolfgang -- g+: https://plus.google.com/114566345864337108516/about -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 04/23/2013 07:30 PM, Beartooth wrote: > On Tue, 23 Apr 2013 17:44:33 +0100, Junk wrote: >> Try sealert -a /var/log/audit/audit.log > > [root@Hbsk2 ~]# sealert -a /var/log/audit/audit.log > 12% done[Errno 2] No such file or directory: 'wine-preloader' > 100% donefound 3 alerts in /var/log/audit/audit.log > - > [snip] > > > SELinux is preventing /usr/bin/arora from mmap_zero access on the > memprotect . > > * Plugin mmap_zero (53.1 confidence) suggests > ** > > If you do not think /usr/bin/arora should need to mmap low memory in the > kernel. > Then you may be under attack by a hacker, this is a very dangerous access. > Do > contact your security administrator and report this issue. > > * Plugin catchall_boolean (42.6 confidence) suggests > *** > > If you want to mmap_low_allowed > Then you must tell SELinux about this by enabling the 'mmap_low_allowed' > boolean.You can read 'unconfined_selinux' man page for more details. > Do > setsebool -P mmap_low_allowed 1 > > * Plugin catchall (5.76 confidence) suggests > *** > > If you believe that arora should be allowed mmap_zero access on the > memprotect by default. > Then you should report this as a bug. > You can generate a local policy module to allow this access. > Do > allow this access for now by executing: > # grep arora /var/log/audit/audit.log | audit2allow -M mypol > # semodule -i mypol.pp > > > Additional Information: > Source Contextunconfined_u:unconfined_r:unconfined_t:s0- > s0:c0.c1 > 023 > Target Contextunconfined_u:unconfined_r:unconfined_t:s0- > s0:c0.c1 > 023 > Target Objects [ memprotect ] > Sourcearora > Source Path /usr/bin/arora > Port > Host > Source RPM Packages arora-0.11.0-4.fc17.i686 > Target RPM Packages > Policy RPMselinux-policy-3.10.0-167.fc17.noarch > Selinux Enabled True > Policy Type targeted > Enforcing ModeEnforcing > Host Name Hbsk2.hsd1.va.comcast.net > Platform Linux Hbsk2.hsd1.va.comcast.net > 3.8.4-102.fc17.i686.PAE #1 SMP Sun Mar 24 > 13:15:17 > UTC 2013 i686 i686 > Alert Count 1 > First Seen2013-04-21 16:01:52 EDT > Last Seen 2013-04-21 16:01:52 EDT > Local ID fedad9e7-5ad4-49b0-a517-15a1e9efd7d4 > > Raw Audit Messages > type=AVC msg=audit(1366574512.695:480): avc: denied { mmap_zero } for > pid=25852 comm="arora" scontext=unconfined_u:unconfined_r:unconfined_t:s0- > s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0- > s0:c0.c1023 tclass=memprotect > > > type=SYSCALL msg=audit(1366574512.695:480): arch=i386 syscall=mmap2 > success=no exit=EACCES a0=0 a1=7000 a2=3 a3=4022 items=0 ppid=1 pid=25852 > auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 > sgid=1000 fsgid=1000 ses=2 tty=(none) comm=arora exe=/usr/bin/arora > subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) > > Hash: arora,unconfined_t,unconfined_t,memprotect,mmap_zero > > audit2allow > > #= unconfined_t == > # This avc can be allowed using the boolean 'mmap_low_allowed' > > allow unconfined_t self:memprotect mmap_zero; > > audit2allow -R > > #= unconfined_t == > # This avc can be allowed using the boolean 'mmap_low_allowed' > > allow unconfined_t self:memprotect mmap_zero; > > > [root@Hbsk2 ~]# > > >> Or >> >> grep setroubleshoot /var/log/messages >> >> There will have been a full report in the graphical tool that initially >> warned you but these should give the same result. > > They don't -- this one gets > > [root@Hbsk2 ~]# grep setroubleshoot /var/log/messages > Apr 21 16:02:00 Hbsk2 setroubleshoot: SELinux is preventing /usr/bin/arora > from mmap_zero access on the memprotect . For complete SELinux messages. > run sealert -l 6805396b-b8d1-4368-9356-aef00cbb2e43 > Apr 22 14:57:12 Hbsk2 setroubleshoot: Plugin Exception wine > Apr 22 14:57:12 Hbsk2 setroubleshoot: SELinux is preventing wine-preloader > from mmap_zero access on the memprotect . For complete SELinux messages. > run sealert -l 78752ead-8351-4d64-a04d-a2f500d942cd > [root@Hbsk2 ~]# > > Excellent work. Looks good. The audit.log reports are the long form of the messages in /var/log/messages If you copied and pasted ""sealert -l 6805396b-b8d1-4368-9356-
(Over)loading Browsers (was Re: Who? Me?? Attacked???)
On Wed, 24 Apr 2013 04:35:52 +0930, Tim wrote: > Not in particular response to your actual problem, but... > > Allegedly, on or about 23 April 2013, Beartooth sent: [] >> My guess is that Arora had well over a hundred, but well under two >> hundred, tabs open when it crashed. > > I really don't know how anybody does that, with any browser. On any > computer that I've ever used, including other people's, the thing grinds > to a sludgey halt when anything more than about twenty tabs are open, > often far less. Especially with any pages that aren't just plain text. > Scripts, Flash, even just lots of pictures, are the kiss of death. And, > no, my computer isn't paging out to swap. Well, I can tell you how it comes about, if you're asking that. Then maybe we can find out if any browser(s) tolerate it better than any other(s). Wikipedia is my usual downfall, because I try to treat it much as I would a physical encyclopedia, especially a big single-volume one -- in which case, having begun one article, I'd turn to related articles, insert scraps of paper, and go back. Say I start to read about aspirin. It's a short article, but as usual, there are several links. One or two will be short enough to click to, read, and return, without losing context. Others will turn out to be pretty long; go back, click this time to open in another tab, and resume reading about aspirin. Then still other links will refer to things I've long wanted to read about; again, open a background tab. And so on -- recursively. And if this sounds bad, be assured that when I had a carrel in the stacks of a big library (as I did for twenty years) it was an order of magnitude more onerous. The thing of it is, though, that it's so insidious. The row of tabs grows gradually, and the slowing down is also gradual, and it gets to be a little like quicksand. However, any time I'm not otherwise preoccupied, I can always read my way through a long and known to be interesting sites, closing tabs behind me. But don't do it with any browser that doesn't keep a current list of your tabs! -- Beartooth Staffwright, Neo-Redneck Not Quite Clueless Power User Remember I have precious (very precious!) little idea where up is. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
Not in particular response to your actual problem, but... Allegedly, on or about 23 April 2013, Beartooth sent: > I can't imagine anything I have being of interest to an intruder. These days, it seems that miscreants have little interest in what's on your computer, but are interested in using your computer for their nefarious purposes. > My guess is that Arora had well over a hundred, but well under > two hundred, tabs open when it crashed. I really don't know how anybody does that, with any browser. On any computer that I've ever used, including other people's, the thing grinds to a sludgey halt when anything more than about twenty tabs are open, often far less. Especially with any pages that aren't just plain text. Scripts, Flash, even just lots of pictures, are the kiss of death. And, no, my computer isn't paging out to swap. -- [tim@localhost ~]$ uname -rsvp Linux 3.8.4-102.fc17.x86_64 #1 SMP Sun Mar 24 13:09:09 UTC 2013 x86_64 All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I will only read messages posted to the public lists. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On Tue, 23 Apr 2013 17:44:33 +0100, Junk wrote: > On 23 Apr 2013, at 17:10, Beartooth wrote: > >> On Mon, 22 Apr 2013 16:40:19 +0800, Ed Greshko wrote: >>[] >>> The only thing worse than a poorly asked question is a cryptic answer. >> >>OK, first off, I'm the OP. >> >>I suppose I should be flattered at being addressed as if I were >> an Alpha Plus Technoid; but I'm not one. I'm just an old twice-retired >> bookworm, running Fedora because there's more and better help online >> for it than for anything else I've tried (most of the well-known >> distros), and because I began back in '98 with RedHat. I can't imagine >> anything I have being of interest to an intruder. >> >> > Your right. They probably aren't interested in what you have. They might > be interested in taking over your machine as part of a botnet though. A > large amount of attacks are now automated against wide ranges of devices Well, yes, I suppose some bad guy wanting only lots of machines, any machines, might like mine, too. >>All the replies in this thread so far have been way over my head. >> The one thing I gather some of you want is the error message from SEL, >> verbatim. I don't have it; I presume it's in some log somewhere, but I >> have no idea how to find that log. >> >> > Try sealert -a /var/log/audit/audit.log [root@Hbsk2 ~]# sealert -a /var/log/audit/audit.log 12% done[Errno 2] No such file or directory: 'wine-preloader' 100% donefound 3 alerts in /var/log/audit/audit.log - [snip] SELinux is preventing /usr/bin/arora from mmap_zero access on the memprotect . * Plugin mmap_zero (53.1 confidence) suggests ** If you do not think /usr/bin/arora should need to mmap low memory in the kernel. Then you may be under attack by a hacker, this is a very dangerous access. Do contact your security administrator and report this issue. * Plugin catchall_boolean (42.6 confidence) suggests *** If you want to mmap_low_allowed Then you must tell SELinux about this by enabling the 'mmap_low_allowed' boolean.You can read 'unconfined_selinux' man page for more details. Do setsebool -P mmap_low_allowed 1 * Plugin catchall (5.76 confidence) suggests *** If you believe that arora should be allowed mmap_zero access on the memprotect by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep arora /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Contextunconfined_u:unconfined_r:unconfined_t:s0- s0:c0.c1 023 Target Contextunconfined_u:unconfined_r:unconfined_t:s0- s0:c0.c1 023 Target Objects [ memprotect ] Sourcearora Source Path /usr/bin/arora Port Host Source RPM Packages arora-0.11.0-4.fc17.i686 Target RPM Packages Policy RPMselinux-policy-3.10.0-167.fc17.noarch Selinux Enabled True Policy Type targeted Enforcing ModeEnforcing Host Name Hbsk2.hsd1.va.comcast.net Platform Linux Hbsk2.hsd1.va.comcast.net 3.8.4-102.fc17.i686.PAE #1 SMP Sun Mar 24 13:15:17 UTC 2013 i686 i686 Alert Count 1 First Seen2013-04-21 16:01:52 EDT Last Seen 2013-04-21 16:01:52 EDT Local ID fedad9e7-5ad4-49b0-a517-15a1e9efd7d4 Raw Audit Messages type=AVC msg=audit(1366574512.695:480): avc: denied { mmap_zero } for pid=25852 comm="arora" scontext=unconfined_u:unconfined_r:unconfined_t:s0- s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0- s0:c0.c1023 tclass=memprotect type=SYSCALL msg=audit(1366574512.695:480): arch=i386 syscall=mmap2 success=no exit=EACCES a0=0 a1=7000 a2=3 a3=4022 items=0 ppid=1 pid=25852 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=2 tty=(none) comm=arora exe=/usr/bin/arora subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) Hash: arora,unconfined_t,unconfined_t,memprotect,mmap_zero audit2allow #= unconfined_t == # This avc can be allowed using the boolean 'mmap_low_allowed' allow unconfined_t self:memprotect mmap_zero; audit2allow -R #= unconfined_t == # This avc can be allowed using the boolean 'mmap_low_allowed' allow unconfined_t self:memprotect mmap_zero; [root@Hbsk2 ~]# -
Re: Who? Me?? Attacked???
On 23 Apr 2013, at 17:10, Beartooth wrote: > On Mon, 22 Apr 2013 16:40:19 +0800, Ed Greshko wrote: >[] >> The only thing worse than a poorly asked question is a cryptic answer. > >OK, first off, I'm the OP. > >I suppose I should be flattered at being addressed as if I were > an Alpha Plus Technoid; but I'm not one. I'm just an old twice-retired > bookworm, running Fedora because there's more and better help online for > it than for anything else I've tried (most of the well-known distros), > and because I began back in '98 with RedHat. I can't imagine anything I > have being of interest to an intruder. > Your right. They probably aren't interested in what you have. They might be interested in taking over your machine as part of a botnet though. A large amount of attacks are now automated against wide ranges of devices >All the replies in this thread so far have been way over my head. > The one thing I gather some of you want is the error message from SEL, > verbatim. I don't have it; I presume it's in some log somewhere, but I > have no idea how to find that log. > Try sealert -a /var/log/audit/audit.log Or grep setroubleshoot /var/log/messages There will have been a full report in the graphical tool that initially warned you but these should give the same result. Junk -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On Mon, 22 Apr 2013 16:40:19 +0800, Ed Greshko wrote: [] > The only thing worse than a poorly asked question is a cryptic answer. OK, first off, I'm the OP. I suppose I should be flattered at being addressed as if I were an Alpha Plus Technoid; but I'm not one. I'm just an old twice-retired bookworm, running Fedora because there's more and better help online for it than for anything else I've tried (most of the well-known distros), and because I began back in '98 with RedHat. I can't imagine anything I have being of interest to an intruder. All the replies in this thread so far have been way over my head. The one thing I gather some of you want is the error message from SEL, verbatim. I don't have it; I presume it's in some log somewhere, but I have no idea how to find that log. As for the rest of the comments, however well-meant, I can't tell what is wanted; but I'll try to go find it if someone can make it clear to me. My guess is that Arora had well over a hundred, but well under two hundred, tabs open when it crashed. SEL then offered me two choices, both having something to do with Arora trying to access memory somewhere that SEL thought it had no business accessing. A point that may or may not be relevant is that the machine I was using had been running slow, with some of the probably busiest apps (Pan, several browsers, and Alpine) seeming especially slow. Pan and Firefox (but iirc not Arora) had actually crashed a time or two, in one of two ways. Sometimes they just went away, but I could restart them (and, with one or two of the browsers, eliminate some of the open tabs before full restoration). Sometimes they produced what I've called, in another recent thread here, the Diagonal Screen of Death (DSoD). -- Beartooth Staffwright, Neo-Redneck Not Quite Clueless Power User Remember I have precious (very precious!) little idea where up is. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 04/22/13 16:03, Reindl Harald wrote: > > Am 22.04.2013 02:04, schrieb Aaron Gray: >> Why is this not all automated on the net so there is a global Fedora >> database of SELinux AVC's. That intelligently >> ignores but tallies what is know to be a fault and highlights any new breaks >> ? >> >> Oh, and I believe bugzilla is crap and needs replacing with something more >> user friendly. It took 4 attempts to >> make an entry each time loosing what I had typed and ended up with an >> incomplete entry in the end. >> >> These two need to be combined. Also we need all error logs at startup to be >> beamed into our new "central control >> centre". >> >> BTW. This is not an April fools joke > besides the fact that you should NOT top-post (put your reply > above the quote) how does all this rant help anybody > helping you since you still refuse to provide any details > > so start provide informations or tell your rant somebody else > Of course you do realize that Aaron is not the OP and was just taking the opportunity to insert a rant really unconnected with the OP. So, in a sense, top posting was OK. :-) (note the smiley face to denote sarcasm) -- The only thing worse than a poorly asked question is a cryptic answer. signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
Am 22.04.2013 02:04, schrieb Aaron Gray: > Why is this not all automated on the net so there is a global Fedora database > of SELinux AVC's. That intelligently > ignores but tallies what is know to be a fault and highlights any new breaks ? > > Oh, and I believe bugzilla is crap and needs replacing with something more > user friendly. It took 4 attempts to > make an entry each time loosing what I had typed and ended up with an > incomplete entry in the end. > > These two need to be combined. Also we need all error logs at startup to be > beamed into our new "central control > centre". > > BTW. This is not an April fools joke besides the fact that you should NOT top-post (put your reply above the quote) how does all this rant help anybody helping you since you still refuse to provide any details so start provide informations or tell your rant somebody else signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On Sun, Apr 21, 2013 at 8:04 PM, Aaron Gray wrote: > Why is this not all automated on the net so there is a global Fedora > database of SELinux AVC's. That intelligently ignores but tallies what is > know to be a fault and highlights any new breaks ? > > Oh, and I believe bugzilla is crap and needs replacing with something more > user friendly. It took 4 attempts to make an entry each time loosing what I > had typed and ended up with an incomplete entry in the end. > > These two need to be combined. Also we need all error logs at startup to > be beamed into our new "central control centre". > Bugzilla is the bug tracking system used by hundreds of widely used open source projects and it won't be replaced just like that but yes, improvements could be made especially if more people contribute. I hope you consider doing that. Rahul -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 22.04.2013 02:31, Ed Greshko wrote: > Is that meant to be helpful in any way to the OP? Don't be a doubting Thomas. :) … > Name and summary matches only, use "search all" for everything. :) poma -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 04/22/13 07:49, poma wrote: > > > yum search Arora > error: rpmdb: BDB0113 Thread/process 19288/140223507343168 failed: > BDB1507 Thread died in Berkeley DB library > error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: > Fatal error, run database recovery > error: cannot open Packages index using db5 - (-30973) > error: cannot open Packages database in /var/lib/rpm > CRITICAL:yum.main: > > Error: rpmdb open failed > > Dude, what are you doing!? :) > Is that meant to be helpful in any way to the OP? [egreshko@meimei ~]$ yum search Arora Loaded plugins: langpacks, presto, refresh-packagekit adobe-linux-x86_64 | 951 B 00:00:00 fedora/18/x86_64/metalink | 9.4 kB 00:00:00 google-chrome | 951 B 00:00:00 rpmfusion-free-updates | 3.3 kB 00:00:00 rpmfusion-nonfree-updates | 3.3 kB 00:00:00 updates/18/x86_64/metalink | 5.2 kB 00:00:00 virtualbox | 951 B 00:00:00 updates/pkgtags| 333 B 00:00:00 === N/S Matched: Arora === arora.x86_64 : A cross platform web browser Name and summary matches only, use "search all" for everything. -- From now on, at least during winter time, Im going to blame all spelling an grammar erros on the cat sitting on my chest every time I sit down at the computer -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
Why is this not all automated on the net so there is a global Fedora database of SELinux AVC's. That intelligently ignores but tallies what is know to be a fault and highlights any new breaks ? Oh, and I believe bugzilla is crap and needs replacing with something more user friendly. It took 4 attempts to make an entry each time loosing what I had typed and ended up with an incomplete entry in the end. These two need to be combined. Also we need all error logs at startup to be beamed into our new "central control centre". BTW. This is not an April fools joke. On 21 April 2013 23:09, Steven Stern wrote: > On 04/21/2013 03:09 PM, Beartooth wrote: > > > > Arora has just crashed. SELinux reports that I may be under > > attack and should report. I'm guessing it's a lot more likely SELinux is > > being needlessly paranoid. (I'm running F17, fully updated, and arora had > > a probably excessive number of tabs open.) > > > > Is this guess plausible? What should I do? > > > What are the AVCs? What is the exact wording of the message from SELinux? > > -- > -- Steve > -- > users mailing list > users@lists.fedoraproject.org > To unsubscribe or change subscription options: > https://admin.fedoraproject.org/mailman/listinfo/users > Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines > Have a question? Ask away: http://ask.fedoraproject.org > -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 04/21/2013 11:24 PM, Beartooth wrote: > On Sun, 21 Apr 2013 22:31:35 +0200, Reindl Harald wrote: > >> Am 21.04.2013 22:09, schrieb Beartooth: >>> >>> Arora has just crashed. [] (I'm running F17, fully updated, > and >>> arora had a probably excessive number of tabs open.) >>> >>> Is this guess plausible? What should I do? >> >> what answer do you expect wihtout provide any information? > > Oh come off it. Read what I wrote. > yum search Arora error: rpmdb: BDB0113 Thread/process 19288/140223507343168 failed: BDB1507 Thread died in Berkeley DB library error: db5 error(-30973) from dbenv->failchk: BDB0087 DB_RUNRECOVERY: Fatal error, run database recovery error: cannot open Packages index using db5 - (-30973) error: cannot open Packages database in /var/lib/rpm CRITICAL:yum.main: Error: rpmdb open failed Dude, what are you doing!? :) poma -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 04/21/2013 03:09 PM, Beartooth wrote: > > Arora has just crashed. SELinux reports that I may be under > attack and should report. I'm guessing it's a lot more likely SELinux is > being needlessly paranoid. (I'm running F17, fully updated, and arora had > a probably excessive number of tabs open.) > > Is this guess plausible? What should I do? > What are the AVCs? What is the exact wording of the message from SELinux? -- -- Steve -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
Am 21.04.2013 23:24, schrieb Beartooth: > On Sun, 21 Apr 2013 22:31:35 +0200, Reindl Harald wrote: > >> Am 21.04.2013 22:09, schrieb Beartooth: >>> >>> Arora has just crashed. [] (I'm running F17, fully updated, > and >>> arora had a probably excessive number of tabs open.) >>> >>> Is this guess plausible? What should I do? >> >> what answer do you expect wihtout provide any information? > > Oh come off it. Read what I wrote you wrote NOTHING which provides any detail informations helping anybody to help you signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On 04/22/13 05:24, Beartooth wrote: > On Sun, 21 Apr 2013 22:31:35 +0200, Reindl Harald wrote: > >> Am 21.04.2013 22:09, schrieb Beartooth: >>> Arora has just crashed. [] (I'm running F17, fully updated, > and >>> arora had a probably excessive number of tabs open.) >>> >>> Is this guess plausible? What should I do? >> what answer do you expect wihtout provide any information? > Oh come off it. Read what I wrote. > I read what you wrote and I have no idea what you're talking about or what kind of help you are expecting. Please provide more information about the "crash" and provide the output of what is being reported by SELinux. -- From now on, at least during winter time, Im going to blame all spelling an grammar erros on the cat sitting on my chest every time I sit down at the computer -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
On Sun, 21 Apr 2013 22:31:35 +0200, Reindl Harald wrote: > Am 21.04.2013 22:09, schrieb Beartooth: >> >> Arora has just crashed. [] (I'm running F17, fully updated, and >> arora had a probably excessive number of tabs open.) >> >> Is this guess plausible? What should I do? > > what answer do you expect wihtout provide any information? Oh come off it. Read what I wrote. -- Beartooth Staffwright, Neo-Redneck Not Quite Clueless Power User Remember I have precious (very precious!) little idea where up is. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
Re: Who? Me?? Attacked???
Am 21.04.2013 22:09, schrieb Beartooth: > > Arora has just crashed. SELinux reports that I may be under > attack and should report. I'm guessing it's a lot more likely SELinux is > being needlessly paranoid. (I'm running F17, fully updated, and arora had > a probably excessive number of tabs open.) > > Is this guess plausible? What should I do? what answer do you expect wihtout provide any information? > SELinux reports that I may be under attack and should report which is surely not all what SELinux reports http://www.catb.org/esr/faqs/smart-questions.html signature.asc Description: OpenPGP digital signature -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org