Bug 618693

Summary: Getting avc on WineMine startup
Product: [Fedora] Fedora EPEL Reporter: Lubos Kocman <lkocman>
Component: wineAssignee: Andreas Bierfert <andreas.bierfert>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: el6CC: andreas.bierfert, asaba90
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2019-02-20 00:36:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Lubos Kocman 2010-07-27 14:46:16 UTC
Summary:

SELinux has prevented wine from performing an unsafe memory operation.

Detailed Description:

SELinux denied an operation requested by wine-preloader, a program used to run
Windows applications under Linux. This program is known to use an unsafe
operation on system memory but so are a number of malware/exploit programs which
masquerade as wine. If you were attempting to run a Windows program your only
choices are to allow this operation and reduce your system security against such
malware or to refrain from running Windows applications under Linux. If you were
not attempting to run a Windows application this indicates you are likely being
attacked by some for of malware or program trying to exploit your system for
nefarious purposes. Please refer to
http://wiki.winehq.org/PreloaderPageZeroProblem Which outlines the other
problems wine encounters due to its unsafe use of memory and solutions to those
problems.

Allowing Access:

If you decide to continue to run the program in question you will need to allow
this operation. This can be done on the command line by executing: # setsebool
-P mmap_low_allowed 1

Fix Command:

/usr/sbin/setsebool -P mmap_low_allowed 1

Additional Information:

Source Context                unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Context                unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Objects                None [ memprotect ]
Source                        wine-preloader
Source Path                   /usr/bin/wine-preloader
Port                          <Unknown>
Host                          dhcp-28-248.brq.redhat.com
Source RPM Packages           wine-core-1.2.0-1.el6
Target RPM Packages           
Policy RPM                    selinux-policy-3.7.19-34.el6
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   wine
Host Name                     dhcp-28-248.brq.redhat.com
Platform                      Linux dhcp-28-248.brq.redhat.com
                              2.6.32-52.el6.x86_64 #1 SMP Wed Jul 21 11:50:07
                              EDT 2010 x86_64 x86_64
Alert Count                   1
First Seen                    Tue 27 Jul 2010 04:34:30 PM CEST
Last Seen                     Tue 27 Jul 2010 04:34:30 PM CEST
Local ID                      c101e584-02df-4b24-87e2-71161031ab6c
Line Numbers                  

Raw Audit Messages            

node=dhcp-28-248.brq.redhat.com type=AVC msg=audit(1280241270.921:606): avc:  denied  { mmap_zero } for  pid=26380 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect

node=dhcp-28-248.brq.redhat.com type=SYSCALL msg=audit(1280241270.921:606): arch=40000003 syscall=90 success=no exit=-13 a0=fff98790 a1=0 a2=fff98790 a3=5a items=0 ppid=1 pid=26380 auid=500 uid=500 gid=100 euid=500 suid=500 fsuid=500 egid=100 sgid=100 fsgid=100 tty=(none) ses=2 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)

Comment 1 Eric Paris 2013-06-07 15:03:28 UTC
*** Bug 783889 has been marked as a duplicate of this bug. ***

Comment 2 Michael Cronenworth 2019-02-20 00:36:07 UTC
EPEL 6 is no longer supported.