Skip to content

Troubleshooting

Jump to bottom
Tom Zhang edited this page Feb 28, 2022 · 11 revisions

This page is for intructions to troubleshoot known issues

Issues

These are the issues that we have a solution for

sudo runs a different version of the program

Platforms affected:

all linux distros

Description

Running acs in root mode (using sudo) will run a different version of acs, or not at all

see issue #232

SELinux Access Denial

Platforms affected:

RHEL, Fedora, CentOS, RockyLinux, QubesOS, Debian, Ubuntu and OpenSUSE

Initial bug report posted for search engine indexing for problem solving: https://github.com/JakeRoggenbuck/auto-clock-speed/issues/166

Description

SELinux (a Linux kernel-based security module) will prevent acs from accessing required files

To Check

To Reproduce

Use acs in monitor acs monitor mode or edit mode sudo acs run

Expected behavior

ACS will always display the powersave governor regardless of circumstances

Screenshots

image

On Laptop

Version 0.1.7 latest main

Example Audit Message:

type=AVC msg=audit(num.993:136): avc: denied { read open } for pid=1054 comm="(acs)" path="/home/name/.cargo/bin/acs" dev="drive" ino=2438319 scontext=system_u:system_r:init_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0

To see the denied access log, run: grep "SELinux is preventing" /var/log/messages

Solution 1:

To temperory allow acs access through SELinux:

# ausearch -c '(acs)' --raw | audit2allow -M my-acs
# semodule -X 300 -i my-acs.pp

Solution 2:

To allow ACS access through AUDIT2ALLOW, see RedHat’s documentation

Solution 3:

You can also set SELinux to permissive to allow acs (but also other programs) through

To do so:

  1. Open the /etc/selinux/config file as root by
# sudo vi /etc/selinux/config
  1. Configure the SELINUX=permissive option:
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - No SELinux policy is loaded.
SELINUX=permissive
# SELINUXTYPE= can take one of these two values:
#       targeted - Targeted processes are protected,
#       mls - Multi Level Security protection.
SELINUXTYPE=targeted
  1. Save the file and reboot the system

More Information

More information about SELinux permission denials on:

RedHat's Documentation

Redhat's Troubleshooting Guide

Made with ☕ by JakeRoggenbuck, Shuzhengz, and Camerooooon

Source Code

Developers:

Clone this wiki locally