| Summary: | SELinux is preventing /usr/libexec/colord from 'associate' accesses on the pamięć współdzielona Unknown. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | doctore |
| Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
| Status: | CLOSED DUPLICATE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | rawhide | CC: | doctore, dominick.grift, dwalsh, mgrepl |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | x86_64 | ||
| OS: | Linux | ||
| Whiteboard: | setroubleshoot_trace_hash:d1c9b794b4196d7f0a22042f855f7fb3642ba25109c07d745088f7f9f7534c5e | ||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-09-28 14:50:35 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
*** This bug has been marked as a duplicate of bug 741763 *** |
SELinux is preventing /usr/libexec/colord from 'associate' accesses on the pamięć współdzielona Unknown. ***** Plugin catchall (100. confidence) suggests *************************** If aby colord powinno mieć domyślnie associate dostęp do Unknown shm. Then proszę to zgłosić jako błąd. Można utworzyć lokalny moduł polityki, aby umożliwić ten dostęp. Do można tymczasowo zezwolić na ten dostęp wykonując polecenia: # grep colord /var/log/audit/audit.log | audit2allow -M moja_polityka # semodule -i moja_polityka.pp Additional Information: Source Context system_u:system_r:colord_t:s0-s0:c0.c1023 Target Context system_u:system_r:colord_t:s0-s0:c0.c1023 Target Objects Unknown [ shm ] Source colord Source Path /usr/libexec/colord Port <Nieznane> Host (removed) Source RPM Packages colord-0.1.7-1.fc15 Target RPM Packages Policy RPM selinux-policy-3.9.16-38.fc15 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 2.6.40.4-5.fc15.x86_64 #1 SMP Tue Aug 30 14:38:32 UTC 2011 x86_64 x86_64 Alert Count 62 First Seen nie, 26 cze 2011, 16:07:42 Last Seen wto, 27 wrz 2011, 21:56:32 Local ID f96f06a0-a2cd-4e5e-a164-09a34509e85e Raw Audit Messages type=AVC msg=audit(1317153392.524:25): avc: denied { associate } for pid=1179 comm="colord" key=-324508640 scontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tcontext=system_u:system_r:colord_t:s0-s0:c0.c1023 tclass=shm type=SYSCALL msg=audit(1317153392.524:25): arch=x86_64 syscall=shmget success=yes exit=32769 a0=eca86420 a1=1000 a2=1b6 a3=1 items=0 ppid=1 pid=1179 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=colord exe=/usr/libexec/colord subj=system_u:system_r:colord_t:s0-s0:c0.c1023 key=(null) Hash: colord,colord_t,colord_t,shm,associate audit2allow #============= colord_t ============== allow colord_t self:shm associate; audit2allow -R #============= colord_t ============== allow colord_t self:shm associate;