def logon(self, type, username, password): log_debug("logon(%s) type=%s username=%s" % (self, type, username)) if username != get_identity(self.uid): raise ProgramError( ERR_USER_LOOKUP, detail="uid=%s does not match logon username (%s)" % (self.uid, username)) if type == 'sealert': privilege = 'client' else: privilege = None if not self.access.user_allowed(privilege, username): raise ProgramError(ERR_USER_PROHIBITED) self.channel_type = type self.channel_name = username self.username = username self.user = self.database.get_user(username) if self.user is None: self.database.add_user(username) self.connection_state.update(ConnectionState.AUTHENTICATED) return [pkg_version, rpc_version]
def report_problem(self, siginfo): siginfo = super(AlertPluginReportReceiver, self).report_problem(siginfo) if email_recipients is not None: to_addrs = [] for recipient in email_recipients.recipient_list: username = "******" % recipient.address action = siginfo.evaluate_filter_for_user(username, recipient.filter_type) if action != "ignore": log_debug("Email: siginfo.sig=%s" % siginfo.sig) to_addrs.append(recipient.address) if len(to_addrs): from setroubleshoot.email_alert import email_alert email_alert(siginfo, to_addrs) log_debug("sending alert to all clients") from setroubleshoot.html_util import html_to_text syslog.syslog(syslog.LOG_ERR, siginfo.summary() + _(" For complete SELinux messages. run sealert -l %s") % siginfo.local_id ) for audit_record in siginfo.audit_event.records: if audit_record.record_type == 'AVC': pid = audit_record.fields["pid"] break; systemd.journal.send(siginfo.format_text(), OBJECT_PID=pid) for u in siginfo.users: action = siginfo.evaluate_filter_for_user(u.username) if action == "ignore": return siginfo send_alert_notification(siginfo) return siginfo
def sighandler(signum, frame): log_debug("received signal=%s" % signum) import setroubleshoot.config as config if signum == signal.SIGHUP: log_debug("reloading configuration file") config.config_init() return
def __init__(self, analysis_queue, alert_receiver, timeout): try: log_debug("creating system dbus: bus_name=%s object_path=%s interface=%s" % (dbus_system_bus_name, dbus_system_object_path, dbus_system_interface)) self.dbus_obj = SetroubleshootdDBusObject(dbus_system_object_path, analysis_queue, alert_receiver, timeout) except Exception, e: syslog.syslog(syslog.LOG_ERR, "cannot start system DBus service: %s" % e) raise e
def evaluate_alert_filter(self, sig, username): log_debug("evaluate_alert_filter: username=%s sig=%s" % (username, sig)) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) action = self.database.evaluate_alert_filter(sig, username) return [action]
def get_properties(self): log_debug("get_properties") if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) properties = self.database.get_properties() return [properties]
def delete_signature(self, sig): log_debug("delete_signature: sig=%s" % sig) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) siginfo = self.database.delete_signature(sig) return None
def query_alerts(self, criteria): log_debug("query_alerts: criteria=%s" % criteria) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) sigs = self.database.query_alerts(criteria) return [sigs]
def set_user_data(self, sig, username, item, data): log_debug("set_user_data: username=%s item=%s data=%s sig=\n%s" % (username, item, data, sig)) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) self.database.set_user_data(sig, username, item, data) return None
def on_connection_state_change(self, connection_state, flags, flags_added, flags_removed): log_debug("%s.on_connection_state_change: connection_state=%s flags_added=%s flags_removed=%s address=%s" % (self.__class__.__name__, connection_state, connection_state.flags_to_string(flags_added), connection_state.flags_to_string(flags_removed), self.socket_address)) if flags_removed & ConnectionState.OPEN: connection_pool.remove_client(self) if flags_added & ConnectionState.OPEN: connection_pool.add_client(self)
def lookup_local_id(self, local_id): log_debug("lookup_local_id: %s" % local_id) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) siginfo = self.database.lookup_local_id(local_id) return [siginfo]
def sighandler(signum, frame): log_debug("received signal=%s" % signum) import setroubleshoot.config as config if signum == signal.SIGHUP: log_debug("reloading configuration file") config.config_init() return import sys sys.exit()
def __init__(self, object_path, analysis_queue, alert_receiver, timeout = 10): dbus.service.Object.__init__(self, dbus.SystemBus(), object_path) self.conn_ctr=0 self.timeout = timeout self.alarm(self.timeout) log_debug('dbus __init__ %s called' % object_path) self.queue = analysis_queue self.receiver = alert_receiver self.record_reader = AuditRecordReader(AuditRecordReader.TEXT_FORMAT) self.record_receiver = AuditRecordReceiver()
def on_connection_state_change(self, connection_state, flags, flags_added, flags_removed): log_debug("%s.on_connection_state_change: connection_state=%s flags_added=%s flags_removed=%s address=%s" % (self.__class__.__name__, connection_state, connection_state.flags_to_string(flags_added), connection_state.flags_to_string(flags_removed),self.socket_address)) if flags_removed & ConnectionState.OPEN: connection_pool.remove_client(self) if flags_added & ConnectionState.OPEN: self.uid, self.gid = self.access.get_credentials(self.socket_address.socket) log_debug("%s.on_connection_state_change: open, socket credentials: uid=%s gid=%s" % (self.__class__.__name__, self.uid, self.gid)) connection_pool.add_client(self)
def set_email_recipients(self, recipients): global email_recipients log_debug("set_email_recipients: %s" % recipients) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) email_recipients = recipients email_recipients.write_recipient_file(email_recipients_filepath)
def set_filter(self, sig, username, filter_type, data = "" ): log_debug("set_filter: username=%s filter_type=%s sig=\n%s" % (username, filter_type, sig)) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) if username != self.username: raise ProgramError(ERR_USER_PERMISSION, detail=_("The user (%s) cannot modify data for (%s)") % (self.username, username)) self.database.set_filter(sig, username, filter_type, data) return None
def __init__(self, analysis_queue, alert_receiver, timeout): try: log_debug( "creating system dbus: bus_name=%s object_path=%s interface=%s" % (dbus_system_bus_name, dbus_system_object_path, dbus_system_interface)) self.dbus_obj = SetroubleshootdDBusObject(dbus_system_object_path, analysis_queue, alert_receiver, timeout) except Exception, e: syslog.syslog(syslog.LOG_ERR, "cannot start system DBus service: %s" % e) raise e
def __init__(self, object_path, analysis_queue, alert_receiver, timeout=10): dbus.service.Object.__init__(self, dbus.SystemBus(), object_path) self.conn_ctr = 0 self.timeout = timeout self.alarm(self.timeout) log_debug('dbus __init__ %s called' % object_path) self.queue = analysis_queue self.receiver = alert_receiver self.record_reader = AuditRecordReader(AuditRecordReader.TEXT_FORMAT) self.record_receiver = AuditRecordReceiver()
def on_connection_state_change(self, connection_state, flags, flags_added, flags_removed): log_debug( "%s.on_connection_state_change: connection_state=%s flags_added=%s flags_removed=%s address=%s" % (self.__class__.__name__, connection_state, connection_state.flags_to_string(flags_added), connection_state.flags_to_string(flags_removed), self.socket_address)) if flags_removed & ConnectionState.OPEN: connection_pool.remove_client(self) if flags_added & ConnectionState.OPEN: connection_pool.add_client(self)
def set_filter(self, sig, username, filter_type, data=""): log_debug("set_filter: username=%s filter_type=%s sig=\n%s" % (username, filter_type, sig)) if not (self.connection_state.flags & ConnectionState.AUTHENTICATED): raise ProgramError(ERR_NOT_AUTHENTICATED) if username != self.username: raise ProgramError( ERR_USER_PERMISSION, detail=_("The user (%s) cannot modify data for (%s)") % (self.username, username)) self.database.set_filter(sig, username, filter_type, data) return None
def avc(self, data): self.alarm(0) self.conn_ctr += 1 log_debug('dbus avc(%s) called: %d Connections' % (data, self.conn_ctr)) for (record_type, event_id, body_text, fields, line_number) in self.record_reader.feed(str(data)): audit_record = AuditRecord(record_type, event_id, body_text, fields, line_number) audit_record.audispd_rectify() for audit_event in self.record_receiver.feed(audit_record): self.add(AVC(audit_event)) for audit_event in self.record_receiver.flush(0): try: self.add(AVC(audit_event)) except ValueError, e: syslog.syslog(syslog.LOG_ERR, "Unable to add audit event: %s" % e)
def on_connection_state_change(self, connection_state, flags, flags_added, flags_removed): log_debug( "%s.on_connection_state_change: connection_state=%s flags_added=%s flags_removed=%s address=%s" % (self.__class__.__name__, connection_state, connection_state.flags_to_string(flags_added), connection_state.flags_to_string(flags_removed), self.socket_address)) if flags_removed & ConnectionState.OPEN: connection_pool.remove_client(self) if flags_added & ConnectionState.OPEN: self.uid, self.gid = self.access.get_credentials( self.socket_address.socket) log_debug( "%s.on_connection_state_change: open, socket credentials: uid=%s gid=%s" % (self.__class__.__name__, self.uid, self.gid)) connection_pool.add_client(self)
def report_problem(self, siginfo): siginfo = super(AlertPluginReportReceiver, self).report_problem(siginfo) if email_recipients is not None: to_addrs = [] for recipient in email_recipients.recipient_list: username = "******" % recipient.address action = siginfo.evaluate_filter_for_user( username, recipient.filter_type) if action != "ignore": log_debug("Email: siginfo.sig=%s" % siginfo.sig) to_addrs.append(recipient.address) if len(to_addrs): from setroubleshoot.email_alert import email_alert email_alert(siginfo, to_addrs) log_debug("sending alert to all clients") from setroubleshoot.html_util import html_to_text syslog.syslog( syslog.LOG_ERR, siginfo.summary() + _(" For complete SELinux messages. run sealert -l %s") % siginfo.local_id) for audit_record in siginfo.audit_event.records: if audit_record.record_type == 'AVC': pid = audit_record.fields["pid"] break systemd.journal.send(siginfo.format_text(), OBJECT_PID=pid) for u in siginfo.users: action = siginfo.evaluate_filter_for_user(u.username) if action == "ignore": return siginfo send_alert_notification(siginfo) return siginfo
def logon(self, type, username, password): log_debug("logon(%s) type=%s username=%s" % (self, type, username)) if username != get_identity(self.uid): raise ProgramError(ERR_USER_LOOKUP, detail="uid=%s does not match logon username (%s)" % (self.uid, username)) if type == 'sealert': privilege = 'client' else: privilege = None if not self.access.user_allowed(privilege, username): raise ProgramError(ERR_USER_PROHIBITED) self.channel_type = type self.channel_name = username self.username = username self.user = self.database.get_user(username) if self.user is None: self.database.add_user(username) self.connection_state.update(ConnectionState.AUTHENTICATED) return [pkg_version, rpc_version]
def start(self): self.alarm(0) self.conn_ctr += 1 log_debug('dbus iface start() called: %d Connections' % self.conn_ctr) return _("Started")
def RunFaultServer(timeout=10): signal.alarm(timeout) sigalrm_handler = signal.signal(signal.SIGALRM, polling_failed_handler) # polling for /sys/fs/selinux/policy file while True: try: audit2why.init() signal.alarm(0) break # retry if init() failed to open /sys/fs/selinux/policy except ValueError as e: # The value error contains the following error message, # followed by strerror string (which can differ with localization) if "unable to open /sys/fs/selinux/policy" in str(e): continue raise e except SystemError as e: # As a result of a bug in audit2why.c, SystemError is raised instead of ValueError. # Python reports: "SystemError occurs as a direct cause of ValueError" # Error message of the ValueError is stored in __context__ # TODO: remove this except clause when the bug in audti2why is fixed if "unable to open /sys/fs/selinux/policy" in str(getattr(e, "__context__", "")): continue raise e global host_database, analysis_queue, email_recipients signal.signal(signal.SIGALRM, sigalrm_handler) signal.signal(signal.SIGHUP, sighandler) #interface_registry.dump_interfaces() try: # FIXME: should this be using our logging objects in log.py? # currently syslog is only used for putting an alert into # the syslog with it's id pkg_name = get_config('general', 'pkg_name') syslog.openlog(pkg_name) # Create an object responsible for sending notifications to clients client_notifier = ClientNotifier(connection_pool) # Create a database local to this host database_filename = get_config('database', 'filename') database_filepath = make_database_filepath(database_filename) assure_file_ownership_permissions(database_filepath, 0o600, 'setroubleshoot') host_database = SETroubleshootDatabase(database_filepath, database_filename, friendly_name=_("Audit Listener")) host_database.set_notify(client_notifier) atexit.register(goodbye, host_database) deleted = False for i in host_database.sigs.signature_list: why, bools = audit2why.analyze(str(i.sig.scontext), str(i.sig.tcontext), str(i.sig.tclass), i.sig.access) if why == audit2why.ALLOW or why == audit2why.DONTAUDIT: if why == audit2why.ALLOW: reason = "allowed" else: reason = "dontaudit'd" syslog.syslog(syslog.LOG_ERR, "Deleting alert %s, it is %s in current policy" % (i.local_id, reason)) deleted = True host_database.delete_signature(i.sig) if deleted: host_database.save(prune=True) # Attach the local database to an object which will send alerts # specific to this host if not get_config('test', 'analyze', bool): alert_receiver = AlertPluginReportReceiver(host_database) else: alert_receiver = TestPluginReportReceiver(host_database) # Create a synchronized queue for analysis requests import six.moves.queue analysis_queue = six.moves.queue.Queue(0) # Create a thread to peform analysis, it takes AVC objects off # the analysis queue and runs the plugins against the # AVC. Analysis requests in the queue may arrive from a # variety of places; from the audit system, from a log file # scan, etc. The disposition of the analysis (e.g. where the # results of the analysis are to go) are included in the queued # object along with the data to analyze. analyze_thread = AnalyzeThread(analysis_queue) analyze_thread.setDaemon(True) analyze_thread.start() # Create a thread to receive messages from the audit system. # This is a time sensitive operation, the primary job of this # thread is to receive the audit message as quickly as # possible and return to listening on the audit socket. When # it receives a complete audit event it places it in the # analysis queue where another thread will process it # independently. # audit_socket_thread = AuditSocketReceiverThread(analysis_queue, alert_receiver) # audit_socket_thread.setDaemon(True) # audit_socket_thread.start() # Initialize the email recipient list from setroubleshoot.signature import SEEmailRecipientSet email_recipients = SEEmailRecipientSet() assure_file_ownership_permissions(email_recipients_filepath, 0o600, 'setroubleshoot') try: email_recipients.parse_recipient_file(email_recipients_filepath) except ProgramError as e: if e.errno == ERR_FILE_OPEN: log_debug(e.strerror) else: raise e # Create a server to listen for alert clients and then run. listen_addresses = get_socket_list_from_config('listen_for_client') for listen_address in listen_addresses: listening_server = ListeningServer(listen_address, SetroubleshootdClientConnectionHandler) listening_server.open() dbus.glib.init_threads() setroubleshootd_dbus = SetroubleshootdDBus(analysis_queue, alert_receiver, timeout) main_loop = GLib.MainLoop() main_loop.run() except KeyboardInterrupt as e: log_debug("KeyboardInterrupt in RunFaultServer") except SystemExit as e: log_debug("raising SystemExit in RunFaultServer") except Exception as e: import traceback syslog_trace(traceback.format_exc()) syslog.syslog(syslog.LOG_ERR, "exception %s: %s" % (e.__class__.__name__, str(e)))
def RunFaultServer(timeout=10): # FIXME audit2why.init() global host_database, analysis_queue, email_recipients signal.signal(signal.SIGHUP, sighandler) signal.signal(signal.SIGQUIT, sighandler) signal.signal(signal.SIGTERM, sighandler) signal.signal(signal.SIGALRM, sighandler) #interface_registry.dump_interfaces() try: # FIXME: should this be using our logging objects in log.py? # currently syslog is only used for putting an alert into # the syslog with it's id pkg_name = get_config('general','pkg_name') syslog.openlog(pkg_name) # Create an object responsible for sending notifications to clients client_notifier = ClientNotifier(connection_pool) # Create a database local to this host database_filename = get_config('database','filename') database_filepath = make_database_filepath(database_filename) assure_file_ownership_permissions(database_filepath, 0600, 'setroubleshoot') host_database = SETroubleshootDatabase(database_filepath, database_filename, friendly_name=_("Audit Listener")) host_database.set_notify(client_notifier) atexit.register(goodbye, host_database) deleted = False for i in host_database.sigs.signature_list: why, bools = audit2why.analyze(str(i.sig.scontext), str(i.sig.tcontext), str(i.sig.tclass), i.sig.access) if why == audit2why.ALLOW or why == audit2why.DONTAUDIT: if why == audit2why.ALLOW: reason = "allowed" else: reason = "dontaudit'd" syslog.syslog(syslog.LOG_ERR, "Deleting alert %s, it is %s in current policy" % (i.local_id, reason) ) deleted = True host_database.delete_signature(i.sig) if deleted: host_database.save(prune=True) # Attach the local database to an object which will send alerts # specific to this host if not get_config('test', 'analyze', bool): alert_receiver = AlertPluginReportReceiver(host_database) else: alert_receiver = TestPluginReportReceiver(host_database) # Create a synchronized queue for analysis requests import Queue analysis_queue = Queue.Queue(0) # Create a thread to peform analysis, it takes AVC objects off # the analysis queue and runs the plugins against the # AVC. Analysis requests in the queue may arrive from a # variety of places; from the audit system, from a log file # scan, etc. The disposition of the analysis (e.g. where the # results of the analysis are to go) are included in the queued # object along with the data to analyze. analyze_thread = AnalyzeThread(analysis_queue) analyze_thread.setDaemon(True) analyze_thread.start() # Create a thread to receive messages from the audit system. # This is a time sensitive operation, the primary job of this # thread is to receive the audit message as quickly as # possible and return to listening on the audit socket. When # it receives a complete audit event it places it in the # analysis queue where another thread will process it # independently. # audit_socket_thread = AuditSocketReceiverThread(analysis_queue, alert_receiver) # audit_socket_thread.setDaemon(True) # audit_socket_thread.start() # Initialize the email recipient list from setroubleshoot.signature import SEEmailRecipientSet email_recipients = SEEmailRecipientSet() assure_file_ownership_permissions(email_recipients_filepath, 0600, 'setroubleshoot') try: email_recipients.parse_recipient_file(email_recipients_filepath) except ProgramError, e: if e.errno == ERR_FILE_OPEN: log_debug(e.strerror) else: raise e # Create a server to listen for alert clients and then run. listen_addresses = get_socket_list_from_config('listen_for_client') for listen_address in listen_addresses: listening_server = ListeningServer(listen_address, SetroubleshootdClientConnectionHandler) listening_server.open() dbus.glib.init_threads() setroubleshootd_dbus = SetroubleshootdDBus(analysis_queue, alert_receiver, timeout) main_loop = gobject.MainLoop() main_loop.run()
def remove_client(self, handler): if handler not in self.client_pool: log_debug("remove_client: client (%s) not in client pool" % handler) return del(self.client_pool[handler])
def remove_client(self, handler): if not self.client_pool.has_key(handler): log_debug("remove_client: client (%s) not in client pool" % handler) return del (self.client_pool[handler])
def finish(self): self.conn_ctr -= 1 log_debug('dbus iface finish() called: %d Connections' % self.conn_ctr) self.alarm(self.timeout) return ""
def RunFaultServer(timeout=10): # FIXME audit2why.init() global host_database, analysis_queue, email_recipients signal.signal(signal.SIGHUP, sighandler) signal.signal(signal.SIGQUIT, sighandler) signal.signal(signal.SIGTERM, sighandler) signal.signal(signal.SIGALRM, sighandler) #interface_registry.dump_interfaces() try: # FIXME: should this be using our logging objects in log.py? # currently syslog is only used for putting an alert into # the syslog with it's id pkg_name = get_config('general', 'pkg_name') syslog.openlog(pkg_name) # Create an object responsible for sending notifications to clients client_notifier = ClientNotifier(connection_pool) # Create a database local to this host database_filename = get_config('database', 'filename') database_filepath = make_database_filepath(database_filename) assure_file_ownership_permissions(database_filepath, 0600, 'setroubleshoot') host_database = SETroubleshootDatabase( database_filepath, database_filename, friendly_name=_("Audit Listener")) host_database.set_notify(client_notifier) atexit.register(goodbye, host_database) deleted = False for i in host_database.sigs.signature_list: why, bools = audit2why.analyze(str(i.sig.scontext), str(i.sig.tcontext), str(i.sig.tclass), i.sig.access) if why == audit2why.ALLOW or why == audit2why.DONTAUDIT: if why == audit2why.ALLOW: reason = "allowed" else: reason = "dontaudit'd" syslog.syslog( syslog.LOG_ERR, "Deleting alert %s, it is %s in current policy" % (i.local_id, reason)) deleted = True host_database.delete_signature(i.sig) if deleted: host_database.save(prune=True) # Attach the local database to an object which will send alerts # specific to this host if not get_config('test', 'analyze', bool): alert_receiver = AlertPluginReportReceiver(host_database) else: alert_receiver = TestPluginReportReceiver(host_database) # Create a synchronized queue for analysis requests import Queue analysis_queue = Queue.Queue(0) # Create a thread to peform analysis, it takes AVC objects off # the analysis queue and runs the plugins against the # AVC. Analysis requests in the queue may arrive from a # variety of places; from the audit system, from a log file # scan, etc. The disposition of the analysis (e.g. where the # results of the analysis are to go) are included in the queued # object along with the data to analyze. analyze_thread = AnalyzeThread(analysis_queue) analyze_thread.setDaemon(True) analyze_thread.start() # Create a thread to receive messages from the audit system. # This is a time sensitive operation, the primary job of this # thread is to receive the audit message as quickly as # possible and return to listening on the audit socket. When # it receives a complete audit event it places it in the # analysis queue where another thread will process it # independently. # audit_socket_thread = AuditSocketReceiverThread(analysis_queue, alert_receiver) # audit_socket_thread.setDaemon(True) # audit_socket_thread.start() # Initialize the email recipient list from setroubleshoot.signature import SEEmailRecipientSet email_recipients = SEEmailRecipientSet() assure_file_ownership_permissions(email_recipients_filepath, 0600, 'setroubleshoot') try: email_recipients.parse_recipient_file(email_recipients_filepath) except ProgramError, e: if e.errno == ERR_FILE_OPEN: log_debug(e.strerror) else: raise e # Create a server to listen for alert clients and then run. listen_addresses = get_socket_list_from_config('listen_for_client') for listen_address in listen_addresses: listening_server = ListeningServer( listen_address, SetroubleshootdClientConnectionHandler) listening_server.open() dbus.glib.init_threads() setroubleshootd_dbus = SetroubleshootdDBus(analysis_queue, alert_receiver, timeout) main_loop = gobject.MainLoop() main_loop.run()
log_debug(e.strerror) else: raise e # Create a server to listen for alert clients and then run. listen_addresses = get_socket_list_from_config('listen_for_client') for listen_address in listen_addresses: listening_server = ListeningServer( listen_address, SetroubleshootdClientConnectionHandler) listening_server.open() dbus.glib.init_threads() setroubleshootd_dbus = SetroubleshootdDBus(analysis_queue, alert_receiver, timeout) main_loop = gobject.MainLoop() main_loop.run() except KeyboardInterrupt, e: log_debug("KeyboardInterrupt in RunFaultServer") except SystemExit, e: log_debug("raising SystemExit in RunFaultServer") except Exception, e: syslog.syslog(syslog.LOG_ERR, "exception %s: %s" % (e.__class__.__name__, str(e))) if __name__ == '__main__': RunFaultServer()
def add_client(self, handler): if self.client_pool.has_key(handler): log_debug("add_client: client (%s) already in client pool" % handler) return self.client_pool[handler] = None
def remove_client(self, handler): if not self.client_pool.has_key(handler): log_debug("remove_client: client (%s) not in client pool" % handler) return del(self.client_pool[handler])
try: email_recipients.parse_recipient_file(email_recipients_filepath) except ProgramError, e: if e.errno == ERR_FILE_OPEN: log_debug(e.strerror) else: raise e # Create a server to listen for alert clients and then run. listen_addresses = get_socket_list_from_config('listen_for_client') for listen_address in listen_addresses: listening_server = ListeningServer(listen_address, SetroubleshootdClientConnectionHandler) listening_server.open() dbus.glib.init_threads() setroubleshootd_dbus = SetroubleshootdDBus(analysis_queue, alert_receiver, timeout) main_loop = gobject.MainLoop() main_loop.run() except KeyboardInterrupt, e: log_debug("KeyboardInterrupt in RunFaultServer") except SystemExit, e: log_debug("raising SystemExit in RunFaultServer") except Exception, e: syslog.syslog(syslog.LOG_ERR, "exception %s: %s" % (e.__class__.__name__, str(e))) if __name__=='__main__': RunFaultServer()
def polling_failed_handler(signum, frame): log_debug("received signal=%s" % signum) syslog.syslog(syslog.LOG_ERR, "/sys/fs/selinux/policy is in use by another process. Exiting!") os._exit(1)