From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7) Gecko/20040803 Firefox/0.9.3

Description of problem:
AVC messages that have filenames (path=, exe=, etc.) containing a left brace character '{' cause audit2allow to loop, or otherwise misbehave.

Assuming that the 'brace' should trigger special handling only when it starts a field, here is a patch:

--- /usr/bin/audit2allow 2004-08-11 14:29:39.000000000 -0700 +++ a2a 2004-08-12 14:42:33.812606852 -0700 @@ -65,7 +65,7 @@ $command=""; foreach $i(0..$#types){ next if($types[$i]!~/[=\{]/); - if($types[$i]=~/\{/){ + if($types[$i]=~/^\{/){ $j=$i+1; while($types[$j]!~/\}/){ $command.=" $types[$j]";

For reference, here is a 'brace AVC':

Aug 12 09:08:02 fedora kernel: audit(1092326882.229:0): avc: denied { read } for pid=4477 exe=/bin/bash path=/home/tbl/.thunderbird/default/7hvcq9as.slt/extensions/{847b3a00-7ab1-11d4-8f02-006008948af5}/chrome/enigmail-skin-tbird.jar dev=hda2 ino=3769282 scontext=user_u:user_r:user_mozilla_t tcontext=system_u:object_r:user_home_t tclass=file

Version-Release number of selected component (if applicable):
policycoreutils-1.15.5-1

How reproducible:
Always

Steps to Reproduce:
1. generate AVC with filename containing brace (e.g., use thunderbird extensions)
2. run audit2allow on AVC
3.

Additional info:
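Review bot: the inner scan `while($types[$j]!~/\}/)` in the @@ -65,7 +65,7 @@ hunk is left unanchored and has no bound on `$j`, so anchoring the `if` to `^\{` fixes only the opening side. A permission set whose closing brace never appears (a truncated AVC line, for instance) would still walk `$j` past `$#types` and never terminate, and any later token that merely contains `}` would end the set. Suggest bounding and anchoring the loop as well, e.g. `while($j<=$#types && $types[$j]!~/^\}/)`, and skipping the record when the end of `@types` is reached without a closing brace.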
Patch applied in upstream.
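The failure mode reported above, as an added example that is not part of the original thread and is not audit2allow's own code: a Python re-implementation of the brace-scanning step, assuming the AVC line is split on whitespace. The function name `parse_avc`, the bounded scan and the shortened sample line are this example's own.

```python
import re

# Constructed sample modelled on the AVC in the report (path shortened).
AVC = ("avc: denied { read } for pid=4477 exe=/bin/bash "
       "path=/home/u/extensions/{847b3a00-7ab1-11d4}/chrome/skin.jar "
       "scontext=user_u:user_r:user_mozilla_t "
       "tcontext=system_u:object_r:user_home_t tclass=file")


def parse_avc(line, anchored=True):
    """Return (permissions, fields) for one AVC line.

    anchored=True : a brace opens a permission set only when it starts
                    the token (the patched test).
    anchored=False: any token containing a brace opens a set (the
                    original test).
    Raises ValueError where an unbounded scan would never terminate.
    """
    tokens = line.split()
    opens = re.compile(r"^\{" if anchored else r"\{")
    perms, fields = [], {}
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if opens.search(tok):
            # Collect permissions up to the closing brace, but stop at
            # the end of the token list instead of scanning forever.
            j = i + 1
            while j < len(tokens) and "}" not in tokens[j]:
                perms.append(tokens[j])
                j += 1
            if j >= len(tokens):
                raise ValueError(f"no closing brace after token {tok!r}")
            i = j + 1
            continue
        if "=" in tok:
            key, value = tok.split("=", 1)
            fields[key] = value
        i += 1
    return perms, fields


if __name__ == "__main__":
    print(parse_avc(AVC))                  # patched behaviour
    try:
        parse_avc(AVC, anchored=False)     # original behaviour
    except ValueError as err:
        print("unanchored match:", err)
```

With the unanchored test, the `path=` token is taken for the start of a permission set and no later token closes it, which is the loop the reporter saw.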