...
Code Block |
---|
sudo systemctl stop fapolicyd # https://www.mankier.com/8/fapolicyd # ... # --debug-deny # leave the daemon in the foreground for debugging. Event information is written to stderr only when the decision is to deny access. sudo /usr/sbin/fapolicyd --debug-deny Loaded 16 rules Changed to uid 990 Initializing the database fapolicyd integrity is 0 backend rpmdb registered backend file registered Loading rpmdb backend Loading file backend Checking database Importing data from rpmdb backend Importing data from file backend Entries in DB: 28117 Loaded from all backends(without duplicates): 28117 Database checks OK added /dev/shm mount point added / mount point added /var mount point added /boot mount point added /tmp mount point added /data mount point added /run/user/1000 mount point Starting to listen for events rule=15 dec=deny_audit perm=execute auid=-1 pid=2302 exe=/usr/local/omk/bin/opha-cli.exe : path=/tmp/par-726f6f74/cache-00548e237c0c0fdd9581d8236e7b57e47c9024b4/opha-cli.pl ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2303 exe=/usr/local/omk/bin/opreports-scheduler.exe : path=/tmp/par-726f6f74/cache-815c07b0877113fa7553963226f8855aa1160121/opreports-scheduler.exe ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2306 exe=/usr/local/omk/bin/opha-cli.exe : path=/tmp/par-726f6f74/cache-00548e237c0c0fdd9581d8236e7b57e47c9024b4/opha-cli.pl ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2542 exe=/usr/local/omk/bin/baseline.exe : path=/tmp/par-726f6f74/cache-62f960e7d5fb11c6bcbb34fba76fe5030b04477c/baseline.exe ftype=application/x-executable rule=15 dec=deny_audit perm=execute auid=-1 pid=2695 exe=/usr/local/omk/bin/opreports-scheduler.exe : path=/tmp/par-726f6f74/cache-815c07b0877113fa7553963226f8855aa1160121/opreports-scheduler.exe ftype=application/x-executable ... ... # When finished debugging, press CTRL+C to kill this foreground fapolicyd process: ^C shutting down... Inter-thread max queue depth 11 Allowed accesses: 1029504 Denied accesses: 108 Database max pages: 10240 Database pages in use: 1631 (15%) Subject cache size: 1549 Subject slots in use: 1466 (94%) Subject hits: 1028146 Subject misses: 4307 Subject evictions: 2841 (0%) Object cache size: 8191 Object slots in use: 8191 (100%) Object hits: 1021421 Object misses: 229282 Object evictions: 221091 (21%) # foreground fapolicyd process is now killed - I traced the above few issues returned while debugging to cron jobs not reading /etc/environment and therefor not picking up the environment variable PAR_GLOBAL_TMPDIR I prepended 'touch /etc/environment && . /etc/environment ' to each cron job and the issues then did not occur - for example: */5 * * * * root /usr/local/omk/bin/opreports-scheduler.exe was changed to: */5 * * * * root touch /etc/environment && . /etc/environment /usr/local/omk/bin/opreports-scheduler.exe # restart the fapolicyd service when debugging finished: sudo systemctl start fapolicyd |
...