Description of problem: Pressed the "volume down" key in the keyboard, while on a selinux-restricted user (user_u). The resulting crash was appended to https://bugzilla.redhat.com/show_bug.cgi?id=1101073 by ABRT. SELinux is preventing /usr/bin/pulseaudio from 'execute' accesses on the file . ***** Plugin catchall (100. confidence) suggests ************************** If você acredita que o pulseaudio deva ser permitido acesso de execute em file por default. Then você precisa reportar este como um erro. Você pode gerar um módulo de política local para permitir este acesso. Do permitir este acesso agora executando: # grep 616C73612D73696E6B2D48444D4920 /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context user_u:user_r:pulseaudio_t:s0 Target Context user_u:object_r:user_tmp_t:s0 Target Objects [ file ] Source 616C73612D73696E6B2D48444D4920 Source Path /usr/bin/pulseaudio Port <Unknown> Host (removed) Source RPM Packages pulseaudio-5.0-7.fc20.x86_64 Target RPM Packages Policy RPM selinux-policy-3.12.1-192.fc20.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.16.6-203.fc20.x86_64 #1 SMP Sat Oct 25 12:44:32 UTC 2014 x86_64 x86_64 Alert Count 8 First Seen 2014-10-31 07:22:19 BRST Last Seen 2014-10-31 07:22:30 BRST Local ID cc9773bb-e883-45bd-b03d-76c8e40caf2b Raw Audit Messages type=AVC msg=audit(1414747350.949:530): avc: denied { execute } for pid=7783 comm=616C73612D73696E6B2D48444D4920 path=2F746D702F6F7263657865632E527A50546968202864656C6574656429 dev="tmpfs" ino=160116 scontext=user_u:user_r:pulseaudio_t:s0 tcontext=user_u:object_r:user_tmp_t:s0 tclass=file permissive=0 type=SYSCALL msg=audit(1414747350.949:530): arch=x86_64 syscall=mmap success=no exit=EACCES a0=0 a1=10000 a2=5 a3=1 items=0 ppid=1 pid=7783 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 tty=(none) ses=8 comm=616C73612D73696E6B2D48444D4920 exe=/usr/bin/pulseaudio subj=user_u:user_r:pulseaudio_t:s0 key=(null) Hash: 616C73612D73696E6B2D48444D4920,pulseaudio_t,user_tmp_t,file,execute Additional info: reporter: libreport-2.2.3 hashmarkername: setroubleshoot kernel: 3.16.6-203.fc20.x86_64 type: libreport
*** Bug 1159243 has been marked as a duplicate of this bug. ***
*** Bug 1159242 has been marked as a duplicate of this bug. ***
Hi, Look at the comm and path, this values are weird. This happened just once? It's broken something in your system related to pulseaudio?
Lukas, we allow it in F21. #============= pulseaudio_t ============== #!!!! This avc is allowed in the current policy allow pulseaudio_t user_tmp_t:file execute;
commit 9659b435aef194f7ea4719f408f7d7e1d4461ef8 Author: Dan Walsh <dwalsh> Date: Fri Oct 17 10:01:42 2014 -0400 xserver_manage_xdm_tmp_files is depracated and replaced with userdom_manage_user_tmp_files, pulseaudio needs to execute user_tmp_t to run bluejeans
selinux-policy-3.12.1-193.fc20 has been submitted as an update for Fedora 20. https://admin.fedoraproject.org/updates/selinux-policy-3.12.1-193.fc20
(In reply to Lukas Vrabec from comment #3) > Hi, > > Look at the comm and path, this values are weird. This happened just once? > It's broken something in your system related to pulseaudio? I could reproduce it. I don't know if anything broke, I don't use audio with that user account (I pressed the volume down key by mistake).
Package selinux-policy-3.12.1-193.fc20: * should fix your issue, * was pushed to the Fedora 20 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.12.1-193.fc20' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-14228/selinux-policy-3.12.1-193.fc20 then log in and leave karma (feedback).
selinux-policy-3.12.1-193.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.