Hi,
I recently noticed some errors in /var/adm/messages :
Jan 18 05:51:05 web setroubleshoot: SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l e3ac9aa
8-b210-4a8d-802d-e1eea72f322c
Jan 18 05:51:05 web setroubleshoot: SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l e3ac9aa
8-b210-4a8d-802d-e1eea72f322c
Jan 18 06:01:09 web setroubleshoot: SELinux is preventing /bin/ps from getattr access on the directory /proc/<pid>. For complete SELinux messages. run sealert -l 6ed0a9b
8-f56b-4d1f-94f3-cbbd2e596dc5
Jan 18 08:04:29 web rsyslogd-2177: imuxsock lost 202 messages from pid 16931 due to rate-limiting
Jan 18 08:04:29 web audispd: queue is full - dropping event
Jan 18 08:04:29 web audispd: queue is full - dropping event
Jan 18 08:04:29 web audispd: queue is full - dropping event
Jan 18 08:04:29 web audispd: queue is full - dropping event
Jan 18 08:04:29 web audispd: queue is full - dropping event
Lots of them, like hundreds and lots of dropped messages due to rate limiting.
After some investigation, it seems to be Piwik code doing this. In piwik/core/CliMulti/Process.php I found :
private function isProcessStillRunning($content)
{
if (!$this->isSupported) {
return true;
}
$lockedPID = trim($content);
$runningPIDs = explode("\n", trim( `ps -e | awk '{print $1}'` ));
return !empty($lockedPID) && in_array($lockedPID, $runningPIDs);
}
I’d rather not grant the web context permission to run “ps” on everything. So, first question, what/where/how can I unset “isSupported”? If that turns off looking through all processes then fine. But as it’s clearly trying to do it, will that have any knock on problems if the function simply returns true all the time?
Thanks,
Max