[systemd-devel] setroubleshoot integration.

Wed Jan 9 08:55:21 PST 2013

On Wed, Jan 09, 2013 at 05:44:02PM +0100, Zbigniew Jędrzejewski-Szmek wrote:
> On Wed, Jan 09, 2013 at 11:00:36AM -0500, Daniel J Walsh wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> > 
> > One of my goals with setroubleshoot analysys is to get it integrated into the
> > journald system.
> > 
> > In Fedora I am adding
> > 
> > systemd.journal.send(siginfo.format_text())
> > 
> > Which will put the setroubleshoot info into the journal, but what I really
> > need is to add a key for the process id that created the journal entry.
> > 
> > We had talked about this a while ago with the goal of allowing something like
> > 
> > systemctl httpd status
> > ....
> > SELinux is blocking httpd read access on /var/www/index.html
> > setroubleshoot
> > ...
> > run restorecon /var/www/index.html
> > 
> > The only way for systemd to know the setroubleshoot analysys is for httpd is
> > to include the pid when setroubleshoot writes the journal.
> Hi,
> 
> the way that finding messages pertaining to a certain service works currently
> is encoded in src/share/logs-show.c, function show_journal_by_unit:
> - journald adds _SYSTEMD_UNIT=... when it can to messages generated
>   by the services themselves
> - systemd (PID 1) writes messages about services with UNIT=...
>   and journalds tags them with _PID=1
> - COREDUMP writes messages with COREDUMP_UNIT=...
> 
> I think it would be realitively to extend show_journal_by_unit() to check
    	             ^relatively easy
> for messages with _SYSTEMD_UNIT=setroubleshootd.service (or whatever)
> and UNIT=... Would this work for you? This would require setroubleshootd
> to find out the unit name on its own. Actually, this might be for the better,
> since by the time that journald gets the message, the PID might be long
> gone, and setroubleshootd has more knowledge.
A second part would be support for multiline messages. This is another
story.

Zbyszek