Bug 543836
Summary: | SELinux is preventing /usr/bin/xauth "read" access on /usr/share/google-gadgets/resources.gg. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Sylvain Réault <vindicators> |
Component: | selinux-policy | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 12 | CC: | dwalsh, mgrepl |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:3ea06fa6cd1f63614783f6fc3bb5264666ff32aae7e8cb7f2456f28931983085 | ||
Fixed In Version: | 3.6.32-55.fc12 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2009-12-07 22:47:54 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Sylvain Réault
2009-12-03 09:32:58 UTC
This is a leaked file descroptor from google-gadgets, most likely. You can ignore it as all that happened is SELinux closed it and the command finished successfully. xauth definitely does not know anything about /usr/share/google-gadgets/resources.gg You should report this as a bug to google, to close all file descriptors before fork/exec fcntl(fd, F_SETFD, FD_CLOEXEC) I can allow it for now, just to eliminate the AVC. Fixed in selinux-policy-3.6.32-54.fc12 selinux-policy-3.6.32-55.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-55.fc12 selinux-policy-3.6.32-55.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2009-12650 selinux-policy-3.6.32-55.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. |