Description of problem: .picasa.ini file in Insync Folder is restricted. SELinux is preventing /usr/bin/evince-thumbnailer from 'append' accesses on the file . ***** Plugin leaks (86.2 confidence) suggests ***************************** If ki szeretné hagyni evince-thumbnailer append hozzáférési próbálkozását itt: file - mivel úgy gondolja, hogy nincs szüksége erre a hozzáférésre. Then jeletse ezt hibaként. Előállíthatja a helyi szabályzat modult hogy ne auditálja ezt a hozzáférést. Do # grep /usr/bin/evince-thumbnailer /var/log/audit/audit.log | audit2allow -D -M mypol # semodule -i mypol.pp ***** Plugin catchall (14.7 confidence) suggests ************************** If ha úgy érzi, hogy evince-thumbnailer számára engedélyezni kell append hozzáférést itt: file alapértelmezésben. Then ezt jelentenie kell, mint hibát. Hogy engedélyezze ezt a hozzáférést előállíthat egy helyi szabálymodult. Do engedélyezheti ezt a hozzáférést most ezzel: # grep evince-thumbnai /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:config_home_t:s0 Target Objects [ file ] Source evince-thumbnai Source Path /usr/bin/evince-thumbnailer Port <Unknown> Host (removed) Source RPM Packages evince-3.10.3-1.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-135.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.13.6-200.fc20.x86_64 #1 SMP Fri Mar 7 17:02:28 UTC 2014 x86_64 x86_64 Alert Count 12 First Seen 2014-01-08 09:55:28 GMT Last Seen 2014-03-25 11:38:22 GMT Local ID ce38a47b-9140-43f8-8b88-788ced29a28f Raw Audit Messages type=AVC msg=audit(1395747502.737:435): avc: denied { append } for pid=6848 comm="evince-thumbnai" path="/home/egazda/.config/Insync/out.txt" dev="dm-0" ino=1312113 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=file type=AVC msg=audit(1395747502.737:435): avc: denied { append } for pid=6848 comm="evince-thumbnai" path="/home/egazda/.config/Insync/out.txt" dev="dm-0" ino=1312113 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:config_home_t:s0 tclass=file type=SYSCALL msg=audit(1395747502.737:435): arch=x86_64 syscall=execve success=yes exit=0 a0=7f66a8004fcd a1=7f66a800a590 a2=133e700 a3=1c items=0 ppid=6014 pid=6848 auid=1000 uid=1000 gid=1001 euid=1000 suid=1000 fsuid=1000 egid=1001 sgid=1001 fsgid=1001 ses=1 tty=(none) comm=evince-thumbnai exe=/usr/bin/evince-thumbnailer subj=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 key=(null) Hash: evince-thumbnai,thumb_t,config_home_t,file,append Additional info: reporter: libreport-2.2.0 hashmarkername: setroubleshoot kernel: 3.13.6-200.fc20.x86_64 type: libreport
commit 86edc3a059d54b1ef58e56dc961453d77d47b2b5 Author: Miroslav Grepl <mgrepl> Date: Wed Mar 26 11:04:31 2014 +0100 Allow thumb to append GNOME config home files
How? Please give me directions. I am newbie. Thank you.
You can read more info here http://mgrepl.wordpress.com/2012/04/24/how-do-we-do-selinux-policy-updates/
selinux-policy-3.12.1-152.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-152.fc20
Package selinux-policy-3.12.1-152.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-152.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-4933/selinux-policy-3.12.1-152.fc20 then log in and leave karma (feedback).
Package selinux-policy-3.12.1-153.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-153.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-4933/selinux-policy-3.12.1-153.fc20 then log in and leave karma (feedback).
selinux-policy-3.12.1-153.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.