Bug 558805
Summary: | SELinux is preventing /usr/bin/kdeinit4 "execute" access on /usr/bin/octave-3.2.3. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | palo.liska |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 12 | CC: | dwalsh, fedora, jreznik, kevin, lorenzo, ltinkl, mgrepl, rdieter, smparrish, than |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:4760dff1440f049020ae1ee0f5f6b2da9baf577c1ba2942895cb24a3a32ddab1 | ||
Fixed In Version: | 3.6.32-84.fc12 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2010-02-11 14:40:37 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
palo.liska
2010-01-26 13:39:49 UTC
Are you logged in when this happens? IE Are you logging in with a context of xdm_t? Or is the login program for some reason running octave? I was just logging in, why login program tried to run octave I don.t know. Happend during logging in, I dont know why login program tried to run octave. What does id -Z show as your context? $ id -Z unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 Ok I will reassign to kdebase. KDE Guys, Does /usr/bin/kdeinit4 run through the files in /usr/bin looking to see which ones it can execute? Or does it actually need to execute octave for some reason? kbuildsycoca4 seems to be the actual offender, it's just being executed through the "kdeinit4 hack". The "sycoca" in kbuildsycoca4 stands for "system configuration cache". What kbuildsycoca4 does is to build a database of things like .desktop files. But why it's executing programs, I have no idea. It might be just doing an access(, X_OK) Well it is not that big a deal. Miroslav could you add optional_policy(` java_exec(xdm_t) ') Fixed in selinux-policy-3.6.32-80.fc12 selinux-policy-3.6.32-82.fc12 has been submitted as an update for Fedora 12. http://admin.fedoraproject.org/updates/selinux-policy-3.6.32-82.fc12 selinux-policy-3.6.32-84.fc12 has been pushed to the Fedora 12 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F12/FEDORA-2010-1492 selinux-policy-3.6.32-84.fc12 has been pushed to the Fedora 12 stable repository. If problems still persist, please make note of it in this bug report. |