Description of problem: SELinux is preventing abrt-hook-ccpp from 'getattr' accesses on the file file. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that abrt-hook-ccpp should be allowed getattr access on the file file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep abrt-hook-ccpp /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:abrt_dump_oops_t:s0 Target Context system_u:object_r:nsfs_t:s0 Target Objects file [ file ] Source abrt-hook-ccpp Source Path abrt-hook-ccpp Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-158.4.fc23.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.3.5-300.fc23.x86_64+debug #1 SMP Mon Feb 1 03:02:02 UTC 2016 x86_64 x86_64 Alert Count 3 First Seen 2016-02-04 22:07:40 YEKT Last Seen 2016-02-05 00:40:11 YEKT Local ID 58804410-2c0c-470d-a9fd-32548c9fcfe3 Raw Audit Messages type=AVC msg=audit(1454614811.944:758): avc: denied { getattr } for pid=31949 comm="abrt-hook-ccpp" path="ipc:[4026531839]" dev="nsfs" ino=4026531839 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:object_r:nsfs_t:s0 tclass=file permissive=0 Hash: abrt-hook-ccpp,abrt_dump_oops_t,nsfs_t,file,getattr Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64+debug type: libreport Potential duplicate: bug 1300334
commit 2c2c1d1391ef92555fc8fead194b2bbb5557c788 Author: Lukas Vrabec <lvrabec> Date: Mon Feb 8 14:29:34 2016 +0100 Allow abrt_dump_oops_t to getattr filesystem nsfs files. rhbz#1300334
Description of problem: Tried to open pan's ssl-cert-manager Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: I had a segfault in an application and this SELinux warning appeared right after that. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: nano abended, apparently as a result of not properly handling a file lock conflict. Then apparently the abort reporting tool caused a SELINUX error. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: Happened at boot. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: No idea, probably some bad update again. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: I don't know what exactly caused this, however I'd think that reading attributes by abrt should be harmless and so there is no reason to deny it ... (?) Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
It's in the MODIFIED state, so we have fix for it and it will be in the next selinux-policy release...
Description of problem: It happened when I was using Liferea and browsing my RSS feeds with the built-in browser. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: unlocked lockscreen after leaving computer for a few minutes. Seems something display-related had crashed in the meantime, as all windows were suddenly placed in virtual desktop 1. This has happened several times, regardless of what applications are running. Fedora 23, Gnome. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
(In reply to Lukas Vrabec from comment #8) > It's in the MODIFIED state, so we have fix for it and it will be in the next > selinux-policy release... yep, but that's what I, and other people commenting this, have found only after submitting the abrt report and *then* ending up here I believe there exists somewhere a RFE for abrt to first search for duplicates and only after that ask the user for action ...
selinux-policy-3.13.1-158.6.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-36a160982c
Description of problem: Firefox crashed Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
*** Bug 1307218 has been marked as a duplicate of this bug. ***
Description of problem: really, no idea what this report means Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
*** Bug 1307269 has been marked as a duplicate of this bug. ***
Description of problem: I tried to mount an iso Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
selinux-policy-3.13.1-158.6.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-36a160982c
Description of problem: Creating of local politics not working: grep abrt-hook-ccpp /var/log/audit/audit.log | audit2allow -M mojapolityka Nothing to do Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
*** Bug 1308374 has been marked as a duplicate of this bug. ***
Description of problem: I get this message when I experience some program crash, abrt seems unable to create a proper crash report because of this. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: After reboot ABRT show problem "hamster-time-tracker quit unexpectedly" and SELinux Alert Browser show this problem - ABRT probably hasnt permission to check logs or shoudl not check it by this way. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: Just Firefox running Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: Nothing to add, since I don't have any idea of the problem. Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: Starting gnome-boxes Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: During dnf update process Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
selinux-policy-3.13.1-158.6.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report.
Description of problem: Automatically almost everytime after login. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64+debug type: libreport
Description of problem: i clicked the yellow icon for notes Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Description of problem: This looks like it fired at/around a lid-close inspired suspend. Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
*** Bug 1310349 has been marked as a duplicate of this bug. ***
Description of problem: evolution crashed, and this AVC appeared Version-Release number of selected component: selinux-policy-3.13.1-158.4.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport