setroubleshoot
play

setroubleshoot A User Friendly Tool to Diagnose & Manage AVC - PowerPoint PPT Presentation

Mar 22, 2023 •141 likes •401 views

setroubleshoot A User Friendly Tool to Diagnose & Manage AVC Denials John Dennis - Red Hat http://hosted.fedoraproject.org/projects/setroubleshoot Why is adoption slow? Developers won't work with SELinux enabled Perceived as

  1. setroubleshoot A User Friendly Tool to Diagnose & Manage AVC Denials John Dennis - Red Hat http://hosted.fedoraproject.org/projects/setroubleshoot

  2. Why is adoption slow? ● Developers won't work with SELinux enabled ● Perceived as creating new bugs ● Difficult to ascertain cause of software failure ● SELinux vendors can't support field problems ● System administrators are not trained to look for SELinux denials, cannot diagnose them, do not know how to resolve them, and ...

  3. ...The Release Notes Says: We recommend disabling SELinux... Our application does not work with SELinux... If you experience any abnormal behavior you should disable SELinux...

  4. Error Reporting Misleading ● An SELinux denial reported as something else – Best case is EPERM, EACCESS: still misleading ● Traditionally look for DAC permission problem – But DAC is fine, HUH??? ● SELinux denials appear in system log files – syslog – audit log

  5. Incomprehensible ● Even if error is correlated to SELinux the error message is incomprehensible avc: denied { search } for comm="dbus-daemon" dev=hda5 egid=81 euid=81 exe="/bin/dbus-daemon" exit=-2 fsgid=81 fsuid=81 gid=81 items=0 name="yp" pid=2226 scontext=system_u:system_r:system_dbusd_t:s0 sgid=81 subj=system_u:system_r:system_dbusd_t:s0 suid=81 tclass=dir tcontext=system_u:object_r:var_yp_t:s0 tty=(none) uid=81 Should be: SELinux prevented the dbus daemon from using NIS (yp)

  6. Denials Are Silent ● For practical purposes denials are silent – Only in log file – Little correlation to application – Incomprehensible – Little correlation to user action

  7. Goals ● Plug-in architecture for analysis modules ● Flexible alert mechanism – GUI pop up notification – Email notification – System monitoring integration – Not obnoxious

  8. Goals (continued) ● Easy review of alerts ● No dependencies outside of core Linux ● Both local & distributed monitoring ● Integration with bug reporting ● Query if alert represents known problem

  9. Implementation ● Written in python ● XML storage and data exchange ● Client/Server model with RPC ● Highly asynchronous – Completely event driven model

  10. Show me the money! ● Vital to make SELinux denials visible – Must be aware a denial occurred – users/developers are aided when denial is reported at the moment it occurs, helps correlate ● Denial must be comprehensible

  11. GUI Alert Notification ● Notification in real time ● Status icon appears (unviewed alert) ● Temporary balloon notification ● Click on icon to open alert browser

  12. Alert Browser

  13. Status Bar

  14. Two Major Components ● setroubleshootd (a.k.a server) – Real time audit connection – Persistent alert database for node – Permits connections for alert notification, queries ● sealert (a.k.a. client) – GUI alert notification, browsing – Log file scanning (analysis)

  15. Setroubleshoot Architecture

  16. Audit Message Processing ● Receive audit message ● Synthesize AVC event from audit messages ● Place AVC event on analysis queue ● Dequeue AVC event, iterate over plugins ● Insert plugin report into target database ● Database change notification emitted

  17. Analysis ● Loadable plugins perform analysis ● Plugins have ordering precedence ● Plugin is provided a processed AVC object ● Plugin upon AVC match provides report – Summary, Description, Fix ● System environment query optional

  18. Alert Databases ● Alert databases store plugin reports (i.e. Alerts) ● Alert databases permit AVC events to be merged into existing alerts by signature ● Alert databases permit alerts to be grouped by node, log file, etc. ● An alert database is an XML document wrapped as an object with access and notification methods

  19. Alert Signatures ● Alerts are keyed by signature ● Signatures are portable ● Signatures allow aggregation ● Plugin defines the signature ● A signature is the minimal AVC and environment properties needed to uniquely identify ● Signatures are small XML documents

  20. Log File Scanning ● Log files may be scanned & analyzed – In GUI browser – From command line (in text or HTML format) ● Final analysis produces a set of alerts – Each alert has unique signature – Alert occurrence count – Line number correlation – System environment info will be absent

  21. Disposition of Alert Report

  22. Email Alerts ● Setroubleshootd can send email alerts ● List of email recipients and SMTP configurable ● Email alert can be suppressed via filtering ● Email is both plain text and HTML

  23. Operational Modes

  24. Conclusion ● An extensible tool has been built which aids Developers – System Administrators – Users – ● In recognizing AVC denials Real time – From log files – Locally and Remotely – ● Comprehending the denial & suggesting a solution

  25. Future Work ● Extending plugins ● Better integration with bug reporting ● Integrate with log aggregation ● Environment triggers (e.g. a new package is available which fixes an alert)

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Systemic Banks, Mortgage Supply and Housing Rents Pedro Gete and Michael Reher Georgetown &

Systemic Banks, Mortgage Supply and Housing Rents Pedro Gete and Michael Reher Georgetown &

Systemic Banks, Mortgage Supply and Housing Rents Pedro Gete and Michael Reher Georgetown & Harvard September 2016 Motivation What drives recent housing rents and HOR dynamics? Tight credit supply (among other factors) A 1pp

592 views • 45 slides
SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities

SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities

SlowFuzz: Automated Domain-Independent Detection of Algorithmic Complexity Vulnerabilities Theofilos Petsios , Jason Zhao, Angelos D. Keromytis, and Suman Jana Columbia University ACM Conference on Computer and Communications Security (CCS)

563 views • 38 slides
Hospital Presumptive Eligibility Data requirements Standards and accountability Recordkeeping

Hospital Presumptive Eligibility Data requirements Standards and accountability Recordkeeping

Hospital Presumptive Eligibility Data requirements Standards and accountability Recordkeeping requirements What OHA is required to track What hospitals must report DATA REQUIREMENTS AND ACCOUNTABILITY 2 What does OHA need to track?

533 views • 14 slides
Denial-of-Service (DoS) CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva

Denial-of-Service (DoS) CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva

Denial-of-Service (DoS) CS 161: Computer Security Prof. Vern Paxson TAs: Paul Bramsen, Apoorva Dornadula, David Fifield, Mia Gil Epner, David Hahn, Warren He, Grant Ho, Frank Li, Nathan Malkin, Mitar Milutinovic, Rishabh Poddar, Rebecca Portnoff,

752 views • 36 slides
INDE DEX OF F SL SLIDE DES Pre Pre-2017 Mo 2017 Money-Ba Based S System Pos Post-2016

INDE DEX OF F SL SLIDE DES Pre Pre-2017 Mo 2017 Money-Ba Based S System Pos Post-2016

INDE DEX OF F SL SLIDE DES Pre Pre-2017 Mo 2017 Money-Ba Based S System Pos Post-2016 2016 P Program ams an and Dat Data 2-4 Catch & Release Crisis 11-12 ABQ Crime Rates 5-9 Constitutional Amendment 13 ABQ

357 views • 31 slides
Senate and House Proposals to Expand Medicaid in Kansas Medicaid Expansion Council Meeting

Senate and House Proposals to Expand Medicaid in Kansas Medicaid Expansion Council Meeting

Coverage Components of Senate and House Proposals to Expand Medicaid in Kansas Medicaid Expansion Council Meeting December 12, 2019 1 Senate Proposal Medicaid Expansion Council Meeting | Kansas Expansion Overview: Three Step Approach to

266 views • 14 slides
Learning Objec7ves Understanding the components of Monitoring

Learning Objec7ves Understanding the components of Monitoring

Francine Farrell, LMFT, CADC-II CPPPH Presenta7on July 28, 2012 M ONITORING & S UPPORT FOR P HYSICIANS I N THE P OST -D IVERSION E RA Francine Farrell, LMFT,

142 views • 12 slides
Presented by Jason A. Donenfeld FOSDEM 2017 Who Who Am I? Am I? Jason Donenfeld, also known

Presented by Jason A. Donenfeld FOSDEM 2017 Who Who Am I? Am I? Jason Donenfeld, also known

Presented by Jason A. Donenfeld FOSDEM 2017 Who Who Am I? Am I? Jason Donenfeld, also known as ZX2C4 , founder of Edge Security (.com), a security consultancy. Background in exploitation, kernel vulnerabilities, crypto vulnerabilities,

575 views • 41 slides
Modeling the Dynamics of a Smart Dental Drill Sheela Hanagal and Minji Kim 15-424 1 What is a

Modeling the Dynamics of a Smart Dental Drill Sheela Hanagal and Minji Kim 15-424 1 What is a

Modeling the Dynamics of a Smart Dental Drill Sheela Hanagal and Minji Kim 15-424 1 What is a Smart Dental Drill? A drill used during dental implant surgeries, which provides updates on the location of the drill in reference to the

412 views • 16 slides
The Effect of Plaque on Peri Implant Soft Tissue Health: a 4 Years Follow up Study M. Rismanchian

The Effect of Plaque on Peri Implant Soft Tissue Health: a 4 Years Follow up Study M. Rismanchian

1 The Effect of Plaque on Peri Implant Soft Tissue Health: a 4 Years Follow up Study M. Rismanchian DDS, MSc*, A. Fazel DDS, MSc** ABSTRACT Introduction: Microbial plaque is the main etiologic factor which causes disease in soft tissue around

215 views • 6 slides
Part 3 Surgical Phase 26/11/2015 LIMU Dr. Rafik M. Alkowafi 109 Basic factors in implant

Part 3 Surgical Phase 26/11/2015 LIMU Dr. Rafik M. Alkowafi 109 Basic factors in implant

5/20/2016 Part 3 Surgical Phase 26/11/2015 LIMU Dr. Rafik M. Alkowafi 109 Basic factors in implant surgery After planning, the surgical execution of implant placement is the next critical procedure in attaining successful

620 views • 40 slides
Different corrosive effects on hydroxyapatite nanocrystals and amine fluoride-based mouthwashes

Different corrosive effects on hydroxyapatite nanocrystals and amine fluoride-based mouthwashes

Different corrosive effects on hydroxyapatite nanocrystals and amine fluoride-based mouthwashes on dental titanium brackets: a comparative in vitro study Presented by Sean Day, Stanley Gelin, Kristin OConnor, Chris Sullivan, and Brian

634 views • 31 slides
Technology Advancements in Restorative Dentistry: Scanning, Milling & Printing Colby Smith,

Technology Advancements in Restorative Dentistry: Scanning, Milling & Printing Colby Smith,

7/1/2019 Technology Advancements in Restorative Dentistry: Scanning, Milling & Printing Colby Smith, DDS, MAGD 1 1 7/1/2019 UCLA Hawaii 2019 2 2 7/1/2019 Acknowledgements 3 3 7/1/2019 Disclosures I do not receive compensation

1.13k views • 58 slides
An Alternate Method of Denture Construction Michael J. Maginnis. D.D.S., M.S., FACP Board

An Alternate Method of Denture Construction Michael J. Maginnis. D.D.S., M.S., FACP Board

Removable Prosthodontics: An Alternate Method of Denture Construction Michael J. Maginnis. D.D.S., M.S., FACP Board Certified Specialist, Removable Prosthodontics Treatment Dentures This is a special denture construction technique developed by

352 views • 19 slides
Blood and Tissue: Products Liability Risks and Implications Overview How are tissue products

Blood and Tissue: Products Liability Risks and Implications Overview How are tissue products

Blood and Tissue: Products Liability Risks and Implications Overview How are tissue products regulated? Human Tissue: Product or Service? State Statutes and Blood Shield Laws Case Study What happens in litigation? Mitigating the Risks What

705 views • 23 slides
COVERED CALIFORNIA POLICY AND ACTION ITEMS January 17, 2019 Board Meeting 2019 QUALIFIED DENTAL

COVERED CALIFORNIA POLICY AND ACTION ITEMS January 17, 2019 Board Meeting 2019 QUALIFIED DENTAL

COVERED CALIFORNIA POLICY AND ACTION ITEMS January 17, 2019 Board Meeting 2019 QUALIFIED DENTAL BENEFIT DESIGN James DeBenedetti, Director, Plan Management Action 1 2019 DENTAL COPAYMENT SCHEDULE The 2019 Dental Copayment Schedule was

1.15k views • 77 slides
Hanno Coetzer RESEARCH PROJECTS / STUDENT SUPERVISION BIOMETRIC AUTHENTICATION / RECOGNITION

Hanno Coetzer RESEARCH PROJECTS / STUDENT SUPERVISION BIOMETRIC AUTHENTICATION / RECOGNITION

Hanno Coetzer RESEARCH PROJECTS / STUDENT SUPERVISION BIOMETRIC AUTHENTICATION / RECOGNITION BEHAVIOURAL Offline and online handwritten signatures (MSc, PhD) PHYSICAL Hand veins (MSc, PhD), Fingerprints (MSc), Ears (MSc)

502 views • 15 slides
Problem statement: parametrized weak form Exact parametrized elastodynamic problem

Problem statement: parametrized weak form Exact parametrized elastodynamic problem

Problem statement: parametrized weak form Exact parametrized elastodynamic problem m 2 u e ( x , t ; ) + c u e ( x , t ; ) ( ) = g ( t ) f ( v ; ), + a u e ( x

160 views • 15 slides
Surgical repositioning , replantation and transplantation of teeth Dr. Rafik Al Kowafi BDS,

Surgical repositioning , replantation and transplantation of teeth Dr. Rafik Al Kowafi BDS,

Surgical repositioning , replantation and transplantation of teeth Dr. Rafik Al Kowafi BDS, MSc, German board of Oral and Maxillofacial Surgery ( Berlin- Germany), Doctoral degree by LBMS 1-Surgical repositioning of impacted or malposed

323 views • 10 slides
Overview of hadrontherapy Marco Schwarz marco.schwarz@apss.tn.it Why hadrons? From physics to

Overview of hadrontherapy Marco Schwarz marco.schwarz@apss.tn.it Why hadrons? From physics to

Proton Therapy Department Trento Hospital Trento(IT) Overview of hadrontherapy Marco Schwarz marco.schwarz@apss.tn.it Why hadrons? From physics to biological effect From physics to technology Hadron-specific medical physics issues Why

798 views • 65 slides
January 7, 2016 AGENDA Dental Technical Work Group Meeting and Webinar Thursday January 7,

January 7, 2016 AGENDA Dental Technical Work Group Meeting and Webinar Thursday January 7,

Dental Technical Work Group January 7, 2016 AGENDA Dental Technical Work Group Meeting and Webinar Thursday January 7, 10:00 a.m. - 12:00 p.m. Agenda Items Suggested Time I. Welcome and Introductions 10:00 - 10:10 (10 min) II. Program

314 views • 29 slides
Ti-6Al-4V titanium and stainless steel temporary anchorage devices. Andrea Scribante, Mona A

Ti-6Al-4V titanium and stainless steel temporary anchorage devices. Andrea Scribante, Mona A

UNIVERSITY OF PAVIA Department of Clinical, Surgical, Diagnostic and Paediatric Sciences, Section of Dentistry Unit of Orthodontics and Paediatric Dentistry Pavia, Italy Reliability of orthodontic miniscrews: bending and maximum load of

219 views • 18 slides
GxP-Compliant Calibration Learning from the Warning Letters Vaisala in Brief We serve

GxP-Compliant Calibration Learning from the Warning Letters Vaisala in Brief We serve

GxP-Compliant Calibration Learning from the Warning Letters Vaisala in Brief We serve customers in controlled environments in life science, power transmission, and other targeted industrial applications. Over 80 years of expertise

746 views • 57 slides
Community Care Network Pre-Proposal Conference January 9, 2017 Introduction Veterans

Community Care Network Pre-Proposal Conference January 9, 2017 Introduction Veterans

Community Care Network Pre-Proposal Conference January 9, 2017 Introduction Veterans Health Administration (VHA) Denver Acquisition & Logistic Center (DALC) Points of Contact Contracting is the sole point of contact for

339 views • 20 slides

More recommend