Description of problem: SELinux is preventing sogou-qimpanel- from 'setattr' accesses on the directory /var/cache/fontconfig. ***** Plugin catchall (100. confidence) suggests ************************** If 您确定应默认允许 sogou-qimpanel- setattr 访问 fontconfig directory。 Then 您应该将这个情况作为 bug 报告。 您可以生成本地策略模块允许这个访问。 Do 请执行以下命令此时允许这个访问: # grep sogou-qimpanel- /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:sogou_t:s0-s0:c0.c1023 Target Context system_u:object_r:fonts_cache_t:s0 Target Objects /var/cache/fontconfig [ dir ] Source sogou-qimpanel- Source Path sogou-qimpanel- Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages fontconfig-2.11.94-4.fc23.x86_64 fontconfig-2.11.94-4.fc23.i686 Policy RPM selinux-policy-3.13.1-158.6.fc23.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.3.5-300.fc23.x86_64 #1 SMP Mon Feb 1 03:18:41 UTC 2016 x86_64 x86_64 Alert Count 6 First Seen 2016-02-27 02:31:49 CST Last Seen 2016-02-27 02:31:56 CST Local ID 31838240-1441-4afa-b4a7-6614d2f20369 Raw Audit Messages type=AVC msg=audit(1456511516.292:460): avc: denied { setattr } for pid=7837 comm="sogou-qimpanel-" name="fontconfig" dev="sda5" ino=2101085 scontext=unconfined_u:unconfined_r:sogou_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fonts_cache_t:s0 tclass=dir permissive=0 Hash: sogou-qimpanel-,sogou_t,fonts_cache_t,dir,setattr Version-Release number of selected component: selinux-policy-3.13.1-158.6.fc23.noarch Additional info: reporter: libreport-2.6.4 hashmarkername: setroubleshoot kernel: 4.3.5-300.fc23.x86_64 type: libreport
Hi, Looks like we don't ship sogou SELinux policy module. Where did this module come from?