Bug 1276305
Summary: | SELinux is preventing abrt-hook-ccpp from using the 'sigchld' accesses on a process. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Miroslav Grepl <mgrepl> |
Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> |
Status: | CLOSED EOL | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | 23 | CC: | 7kaifi, adam, amidius.1992, amit.shah, anass.1430, andredelao, angiolucci, as.maps, autarch, awilliam, azzow.sy, brian.murrell, bugiardolr, bugzilla, bugzilla, bztdlinux, chmelarz, chujingbin, crosbytr, decathorpe, deesto, dinimito2, dominick.grift, dwalsh, edosurina, elitedeciel, emashukoff, extras-qa, fakhri.satu, fedora, geezuslucifer, gerard.fernandes, jamescape777, japan, jax6, jberan, jc, jfrieben, jlbosch, jones.peter.busi, jorti, jsmith.fedora, jtfas90, juliux.pigface, jwakely, lantw44, linuxkali.25, lvrabec, marcel, marco.guazzone, marco.kunzli, martincigorraga, mgrepl, michael, michaeltroy9001, mikhail.v.gavrilov, miras199002, mjs, mkluge.04, mspaulding06, nalimilan, nexfwall, nikola.p-k, oliver, olivier.reyes.r, peljasz, philippe.darocha, plautrba, rajesh, rehol3, req1348, robin.bowes, rocksynth, rupatel, sgallagh, shenada, silvio.a.palmieri, soaperish, sobolewski.marcin, stevenschlansker, sylvain.julmy, tcfxfzoi, thomastognolo, tomspur, urkipattan, vidhan1995.jain, vikigoyal, vrutkovs, yajo.sk8 |
Target Milestone: | --- | Keywords: | CommonBugs, Reopened |
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:e6d10fcd6f18e995dfe405a4aefb445f20ab0971bcc32b9d72dad9e065f8049f https://fedoraproject.org/wiki/Common_F23_bugs#selinux-abrt-sigchld | ||
Fixed In Version: | selinux-policy-3.13.1-154.fc23 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | 1245477 | Environment: | |
Last Closed: | 2016-12-20 15:13:44 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1245477, 1276931 | ||
Bug Blocks: | 1254188 |
Description
Miroslav Grepl
2015-10-29 11:56:15 UTC
*** Bug 1276342 has been marked as a duplicate of this bug. *** *** Bug 1277055 has been marked as a duplicate of this bug. *** *** Bug 1276179 has been marked as a duplicate of this bug. *** *** Bug 1276180 has been marked as a duplicate of this bug. *** *** Bug 1279044 has been marked as a duplicate of this bug. *** *** Bug 1279084 has been marked as a duplicate of this bug. *** *** Bug 1279050 has been marked as a duplicate of this bug. *** *** Bug 1278748 has been marked as a duplicate of this bug. *** *** Bug 1278513 has been marked as a duplicate of this bug. *** *** Bug 1274741 has been marked as a duplicate of this bug. *** *** Bug 1274971 has been marked as a duplicate of this bug. *** *** Bug 1275366 has been marked as a duplicate of this bug. *** *** Bug 1277684 has been marked as a duplicate of this bug. *** *** Bug 1277685 has been marked as a duplicate of this bug. *** *** Bug 1277686 has been marked as a duplicate of this bug. *** *** Bug 1277985 has been marked as a duplicate of this bug. *** selinux-policy-3.13.1-154.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2015-6b85d80ba8 selinux-policy-3.13.1-154.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with $ su -c 'dnf --enablerepo=updates-testing update selinux-policy' You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2015-6b85d80ba8 *** Bug 1275801 has been marked as a duplicate of this bug. *** User coredumps are still not working: https://bugzilla.redhat.com/show_bug.cgi?id=1276931#c11 https://github.com/abrt/abrt/blob/master/tests/runtests/ccpp-plugin-selinux/runtest.sh ---- time->Thu Nov 12 16:37:44 2015 type=AVC msg=audit(1447342664.692:674): avc: denied { getattr } for pid=7122 comm="abrt-hook-ccpp" scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process permissive=1 ? https://github.com/abrt/abrt/blob/master/src/hooks/abrt-hook-ccpp.c#L195 ---- time->Thu Nov 12 16:37:44 2015 type=AVC msg=audit(1447342664.693:675): avc: denied { setgid } for pid=7122 comm="abrt-hook-ccpp" capability=6 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:system_r:abrt_dump_oops_t:s0 tclass=capability permissive=1 https://github.com/abrt/abrt/blob/master/src/hooks/abrt-hook-ccpp.c#L329 ---- time->Thu Nov 12 16:37:44 2015 type=AVC msg=audit(1447342664.693:676): avc: denied { setuid } for pid=7122 comm="abrt-hook-ccpp" capability=7 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:system_r:abrt_dump_oops_t:s0 tclass=capability permissive=1 https://github.com/abrt/abrt/blob/master/src/hooks/abrt-hook-ccpp.c#L328 ---- time->Thu Nov 12 16:37:44 2015 type=AVC msg=audit(1447342664.693:677): avc: denied { create } for pid=7122 comm="abrt-hook-ccpp" name="core.7121" scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=1 https://github.com/abrt/abrt/blob/master/src/hooks/abrt-hook-ccpp.c#L337 selinux-policy-3.13.1-154.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. This is a regression in F22 as well, why isn't it being fixed in F22? Oh sorry, I missed that this is a clone of the F22 report, I'm CC'd on the wrong one! Description of problem: Presumably happened trying to report a bug, possibly with incorrect Bugzilla password. Version-Release number of selected component: selinux-policy-3.13.1-128.12.fc22.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.6-301.fc23.x86_64 type: libreport Description of problem: I turn on my gateway all in one desktop, login to the admin account (only account on the system) connect to a wireless router and in a few minutes the bug appears. Version-Release number of selected component: selinux-policy-3.13.1-152.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.3-300.fc23.x86_64 type: libreport Description of problem: Error popped up half a minute / few minutes after Plague inc. crashed (game I have recently installed through Steam). The game itself crashes shortly after launching, however, I think this error is triggered by SELinux Troubleshooter failing to generate a report after that game crash. Version-Release number of selected component: selinux-policy-3.13.1-158.2.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.4-300.fc23.x86_64 type: libreport Description of problem: As soon as I installed Fedora 23 Workstation this notification popped up. I hadn't installed any other software at this point. Version-Release number of selected component: selinux-policy-3.13.1-152.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.3-300.fc23.x86_64 type: libreport Description of problem: Open Firefox. Go to extensions.gnome.org. Allow the site to install extensions. Select an extension and turn it on. Choose install when a dialog appears. Then the SELinux troubleshooter will give an alert. Version-Release number of selected component: selinux-policy-3.13.1-152.fc23.noarch Additional info: reporter: libreport-2.6.3 hashmarkername: setroubleshoot kernel: 4.2.3-300.fc23.x86_64 type: libreport Description of problem: Not sure why this happened Version-Release number of selected component: selinux-policy-3.13.1-158.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.5.6-200.fc23.x86_64 type: libreport (In reply to Fedora Update System from comment #22) > selinux-policy-3.13.1-154.fc23 has been pushed to the Fedora 23 stable > repository. If problems still persist, please make note of it in this bug > report. Note that in comment #30 I have selinux-policy-3.13.1-158.fc23 which would include selinux-policy-3.13.1-154.fc23 and still seeing this problem. Description of problem: I was trying to open an appimage file called MuseScore but it crashes. Version-Release number of selected component: selinux-policy-3.13.1-158.15.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.5.7-200.fc23.i686 type: libreport This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component. This message is a reminder that Fedora 23 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 23. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as EOL if it remains open with a Fedora 'version' of '23'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version. Thank you for reporting this issue and we are sorry that we were not able to fix it before Fedora 23 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged change the 'version' to a later Fedora version prior this bug is closed as described in the policy above. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. Fedora 23 changed to end-of-life (EOL) status on 2016-12-20. Fedora 23 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. If you are unable to reopen this bug, please file a new report against the current release. If you experience problems, please add a comment to this bug. Thank you for reporting this bug and we are sorry it could not be fixed. |