mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

updated after opensnitch repo commit 72050e5bc5

wiki auto updater 2021-08-19 11:22:29 +00:00
parent 98e5549e3c
commit 27315096b7
1 changed files with 40 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
Known-problems.md

@ -1,5 +1,15 @@
**eBPF**
[cannot open kprove_events](#cannot-open-kprove_events): open /sys/kernel/debug/tracing/kprobe_events: permission denied
[cannot write ... kprobe_events: file exists](#kprobe_events-file-exists)
**General**
[KDE/Gnome/Xfce/... does not boot up](#desktop-environment-does-not-bootup)
**GUI**
[GUI crash/exception/does not show up](#GUI-crash-exception-or-does-not-show-up):
* NameError: name 'unicode' is not defined
* ModuleNotFoundError: No module named 'grpc'
@ -15,6 +25,8 @@
[OpenSnitch icon doesn't show up on Gnome-Shell](#OpenSnitch-icon-does-not-show-up-on-gnome-shell)
**daemon**
[Kernel panic on >= 5.6.16 || kernel hardening incompatibilities](#kernel-panics)
[opensnitchd/daemon does not start](#opensnitchd-does-not-start):
@ -22,6 +34,34 @@
***
### Cannot open kprove_events
If after enabling eBPF you see the following error:
cannot open kprobe_events: open /sys/kernel/debug/tracing/kprobe_events: permission denied
you'll need to allow opensnitch in selinux or set it to permissive:
```
$ sudo journalctl -ar | grep "opensnitch.*lockdown"
Aug 19 06:18:28 localhost-live audit[2443]: AVC avc: denied { confidentiality } for pid=2443 comm=opensnitchd lockdown_reason=use of tracefs scontext=system_u:system_r:unconfined_service_t:s0 tcontext=system_u:system_r:unconfined_service_t:s0 tclass=lockdown permissive=0
$ echo "Aug 19 06:18:28 localhost-live audit[2443]: AVC avc: denied { confidentiality } for pid=2443 comm=opensnitchd lockdown_reason=use of tracefs scontext=system_u:system_r:unconfined_service_t:s0 tcontext=system_u:system_r:unconfined_service_t:s0 tclass=lockdown permissive=0" > opensnitch_lockdown.txt
$ sudo su
# audit2allow -M opensnitchd < opensnitch_lockdown.txt
# semanage -i opensnitchd.pp
```
### kprobe_events file exists
This error indicates that the network hooks are already added, you'll need to delete them manually:
```
$ sudo su
# > /sys/kernel/debug/tracing/kprobe_events
```
### Desktop Environment does not boot up
If after installing OpenSnitch, or after changing the Default Action to `deny`, the Desktop Environment does not show up (after restart), try: