From: JT on
On 29/07/10 12:04, houghi wrote:
> When I do a `sudo tail -f <whatever file>` I get the following
> error message in /var/log/messages
> Jul 29 11:52:01 penne kernel: [31829.466088] type=1503
> audit(1280397121.678:1331): operation="change_hat" info="unconfined"
> error=-1 pid=29764
>
> This has something to do with pam and apparmor. I do not want apparmor,
> so when I remove everything from apparmor I get the following error log
> in /var/log/messages:
> Jul 29 11:55:01 penne /usr/sbin/cron[30703]: PAM unable to
> dlopen(/lib64/security/pam_apparmor.so): /lib64/security/pam_apparmor.so
> : cannot open shared object file: No such file or directory
> Jul 29 11:55:01 penne /usr/sbin/cron[30703]: PAM adding faulty module:
> /lib64/security/pam_apparmor.so
>
> And both are pretty frequent. So much that the file "messages" becomes
> unusable due to the pollution.
>
> So if I do not have pam_apparmor.so, I get a lot of messages and if I do
> install it, I get a lot of messages. When I want to deinstall pam, I get
> so many warnings that I don't even try.
>
> Questions:
> What is all this stuff doing in my logfile?
>
It's probably not doing anything. Just bits on disk.
> Why does it show up in my logfile?
>
Because a programmer used something along the lines of
"echo 'message' >> /var/log/whatever_messages_file"
> How can I get it not to show up in my logfile?
>
sudo ln -sf /dev/null /var/log/whatever_messages_file
> houghi
>
Response not to be taken (too) seriously, but that was obvious (I hope) ;-)

--
Kind regards, JT

From: JT on
On 29/07/10 12:04, houghi wrote:
> When I do a `sudo tail -f <whatever file>` I get the following
> error message in /var/log/messages
> Jul 29 11:52:01 penne kernel: [31829.466088] type=1503
> audit(1280397121.678:1331): operation="change_hat" info="unconfined"
> error=-1 pid=29764
>
> This has something to do with pam and apparmor. I do not want apparmor,
> so when I remove everything from apparmor I get the following error log
> in /var/log/messages:
> Jul 29 11:55:01 penne /usr/sbin/cron[30703]: PAM unable to
> dlopen(/lib64/security/pam_apparmor.so): /lib64/security/pam_apparmor.so
> : cannot open shared object file: No such file or directory
> Jul 29 11:55:01 penne /usr/sbin/cron[30703]: PAM adding faulty module:
> /lib64/security/pam_apparmor.so
>
> And both are pretty frequent. So much that the file "messages" becomes
> unusable due to the pollution.
>
> So if I do not have pam_apparmor.so, I get a lot of messages and if I do
> install it, I get a lot of messages. When I want to deinstall pam, I get
> so many warnings that I don't even try.
>
> Questions:
> What is all this stuff doing in my logfile?
> Why does it show up in my logfile?
> How can I get it not to show up in my logfile?
>
> houghi
>
A somewhat more useful response:

I tried to reproduce ('sudo tail -f /var/log/messages') and don't get
these warnings from pam. I'm on OpenSuSE 11.2.

I have no exact idea what is wrong, because I don't know apparmor
extensively. But I do know that you can make profiles (or whatever
they're called) for apparmor, using Yast. Maybe you have (knowingly or
not) created a profile.

BTW: it's 'funny' (not) that you can remove apparmor without dependency
warnings and consequently run into dependency errors.....

--
Kind regards, JT

From: Mr. Underhill on
On Thu, 29 Jul 2010 12:04:25 +0200, houghi wrote:

> When I do a `sudo tail -f <whatever file>` I get the following
> error message in /var/log/messages
> Jul 29 11:52:01 penne kernel: [31829.466088] type=1503
> audit(1280397121.678:1331): operation="change_hat" info="unconfined"
> error=-1 pid=29764
>
> This has something to do with pam and apparmor. I do not want apparmor,
> so when I remove everything from apparmor I get the following error log
> in /var/log/messages:
> Jul 29 11:55:01 penne /usr/sbin/cron[30703]: PAM unable to
> dlopen(/lib64/security/pam_apparmor.so): /lib64/security/pam_apparmor.so
> : cannot open shared object file: No such file or directory
> Jul 29 11:55:01 penne /usr/sbin/cron[30703]: PAM adding faulty module:
> /lib64/security/pam_apparmor.so
>
> And both are pretty frequent. So much that the file "messages" becomes
> unusable due to the pollution.
>
> So if I do not have pam_apparmor.so, I get a lot of messages and if I do
> install it, I get a lot of messages. When I want to deinstall pam, I get
> so many warnings that I don't even try.
>
> Questions:
> What is all this stuff doing in my logfile?
> Why does it show up in my logfile?
> How can I get it not to show up in my logfile?
>
> houghi

Hi,

I had similar problems. Removed all apparmor packages and ended up with
error messages from PAM.

grep -i apparmor /etc/pam.d/*

Should show you the offending entry. Just edit the file and remove it and
all will be fine.

Mr. Underhill
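
An added example, not part of the original posts: a shell function that generalizes the grep above from apparmor to any module, listing every PAM service-file entry whose module file is absent, which is the condition behind the "PAM adding faulty module" log lines. The function name, the demo tree and its file contents are constructed for illustration; it assumes relative module names resolve under a single module directory and does not follow include files.

```shell
#!/bin/sh
# Added example: list PAM service entries whose module file is missing.
# Usage: find_missing_pam_modules PAM_DIR MODULE_DIR
#   e.g. find_missing_pam_modules /etc/pam.d /lib64/security
# Prints one "service-file: module" line per dangling reference.
find_missing_pam_modules() {
    pam_dir=$1
    module_dir=$2
    for f in "$pam_dir"/*; do
        [ -f "$f" ] || continue
        # Drop comments and collapse a bracketed control such as
        # "[success=1 default=ignore]" into one token before splitting.
        sed -e 's/#.*//' -e 's/\[[^]]*]/[ctl]/' "$f" |
        while read -r type control module _rest || [ -n "$type" ]; do
            [ -n "$module" ] || continue
            # For include/substack the third field is a file, not a module.
            case $control in include|substack) continue ;; esac
            case $module in
                /*) path=$module ;;               # absolute module path
                *)  path=$module_dir/$module ;;   # name relative to MODULE_DIR
            esac
            [ -e "$path" ] || printf '%s: %s\n' "${f##*/}" "$module"
        done
    done
}

# Constructed sample tree: a service file that still references
# pam_apparmor.so after the module itself has been removed.
demo() {
    d=$(mktemp -d)
    mkdir "$d/pam.d" "$d/security"
    touch "$d/security/pam_unix.so" "$d/security/pam_env.so"
    printf '%s\n' \
        '# constructed sample' \
        'auth     required  pam_env.so' \
        'account  [success=1 default=ignore] pam_unix.so' \
        'session  include   common-session' \
        'session  optional  pam_apparmor.so' > "$d/pam.d/crond"
    find_missing_pam_modules "$d/pam.d" "$d/security"
    rm -rf "$d"
}
demo
```

Run against the real directories, an empty result means no service file references a module that is missing from the module directory.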

From: marrgol on
On 2010-07-29 19:18, Mr. Underhill wrote:
> I had similar problems. Removed all apparmor packages and ended up with
> error messages from PAM.
>
> grep -i apparmor /etc/pam.d/*
>
> Should show you the offending entry. Just edit the file and remove it and
> all will be fine.

Or do it "the proper way" by running (as root):

pam-config -d --apparmor

--
mrg

From: marrgol on
On 2010-07-30 16:03, houghi wrote:
>> Or do it "the proper way" by running (as root):
>>
>> pam-config -d --apparmor
>
> Thanks, that worked. Just curious what I just did.

Is this a question? 'man pam-config' is the answer... ;-)

I would think the command above should be in apparmor rpm's
uninstall script really...

--
mrg
