Bug 485205
| Summary: | SElinux "restorecon -v '/usr/lib/nspluginwrapper/npviewer' does not work" | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | adriano <adrigiga> |
| Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
| Status: | CLOSED RAWHIDE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | rawhide | CC: | dwalsh, jake, jkubin, mgrepl |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Rawhide | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2009-02-26 16:24:03 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Hello. Can you update your Rawhide to the latest version and tell us if your still receiving this issue? As far as I am aware this got fixed recently. Please report back :) (In reply to comment #1) > Hello. > > Can you update your Rawhide to the latest version and tell us if your still > receiving this issue? As far as I am aware this got fixed recently. Please > report back :) Yes, with the last rawhide updates it's Ok. Before this, I got this message every time I launch firefox. Great! Bye Adriano Ok :-) I'm closing this bug as the issue is resolved and fixed :-) |
Description of problem: SELinux is preventing plugin-config (nsplugin_config_t) "execute_no_trans" to /usr/lib/nspluginwrapper/npviewer (lib_t). -> restorecon -v '/usr/lib/nspluginwrapper/npviewer' does not work Version-Release number of selected component (if applicable): libselinux-utils-2.0.77-3.fc11.i386 selinux-policy-3.6.5-2.fc11.noarch libselinux-2.0.77-3.fc11.i386 selinux-policy-targeted-3.6.5-2.fc11.noarch libselinux-python-2.0.77-3.fc11.i386 How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: Source Context: unconfined_u:unconfined_r:nsplugin_config_t:s0Target Context: system_u:object_r:lib_t:s0Target Objects: /usr/lib/nspluginwrapper/npviewer [ file ]Source: plugin-configSource Path: /usr/lib/nspluginwrapper/plugin-configPort: <Unknown>Host: localhost.localdomainSource RPM Packages: nspluginwrapper-1.3.0-2.fc11Target RPM Packages: nspluginwrapper-1.3.0-2.fc11Policy RPM: selinux-policy-3.6.5-2.fc11Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: EnforcingPlugin Name: catchall_fileHost Name: localhost.localdomainPlatform: Linux localhost.localdomain 2.6.29-0.99.rc4.git1.fc11.i586 #1 SMP Sun Feb 8 23:54:11 EST 2009 i686 i686Alert Count: 3First Seen: Thu 12 Feb 2009 12:16:49 PM CETLast Seen: Thu 12 Feb 2009 12:34:48 PM CETLocal ID: 579c1d43-092d-4fb0-b4e6-28f36f3e8866Line Numbers: Raw Audit Messages :node=localhost.localdomain type=AVC msg=audit(1234438488.446:15): avc: denied { execute_no_trans } for pid=3187 comm="plugin-config" path="/usr/lib/nspluginwrapper/npviewer" dev=dm-0 ino=45990 scontext=unconfined_u:unconfined_r:nsplugin_config_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file node=localhost.localdomain type=SYSCALL msg=audit(1234438488.446:15): arch=40000003 syscall=11 success=no exit=-13 a0=804f900 a1=bfb8336c a2=bfb8cd30 a3=4 items=0 ppid=3186 pid=3187 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="plugin-config" exe="/usr/lib/nspluginwrapper/plugin-config" subj=unconfined_u:unconfined_r:nsplugin_config_t:s0 key=(null)