Bug 1312463 - SELinux is preventing sogou-qimpanel- from 'setattr' accesses on the directory /var/cache/fontconfig.
SELinux is preventing sogou-qimpanel- from 'setattr' accesses on the director...
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
23
x86_64 Unspecified
low Severity low
: ---
: ---
Assigned To: Lukas Vrabec
Fedora Extras Quality Assurance
abrt_hash:7d1c6630d95c8cfaae5911f4167...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-02-26 13:40 EST by dzqnyb
Modified: 2016-02-29 03:58 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-02-29 03:58:23 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description dzqnyb 2016-02-26 13:40:55 EST
Description of problem:
SELinux is preventing sogou-qimpanel- from 'setattr' accesses on the directory /var/cache/fontconfig.

*****  Plugin catchall (100. confidence) suggests   **************************

If 您确定应默认允许 sogou-qimpanel- setattr 访问 fontconfig directory。
Then 您应该将这个情况作为 bug 报告。
您可以生成本地策略模块允许这个访问。
Do
请执行以下命令此时允许这个访问:
# grep sogou-qimpanel- /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:unconfined_r:sogou_t:s0-s0:c0.c1023
Target Context                system_u:object_r:fonts_cache_t:s0
Target Objects                /var/cache/fontconfig [ dir ]
Source                        sogou-qimpanel-
Source Path                   sogou-qimpanel-
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           
Target RPM Packages           fontconfig-2.11.94-4.fc23.x86_64
                              fontconfig-2.11.94-4.fc23.i686
Policy RPM                    selinux-policy-3.13.1-158.6.fc23.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 4.3.5-300.fc23.x86_64 #1 SMP Mon
                              Feb 1 03:18:41 UTC 2016 x86_64 x86_64
Alert Count                   6
First Seen                    2016-02-27 02:31:49 CST
Last Seen                     2016-02-27 02:31:56 CST
Local ID                      31838240-1441-4afa-b4a7-6614d2f20369

Raw Audit Messages
type=AVC msg=audit(1456511516.292:460): avc:  denied  { setattr } for  pid=7837 comm="sogou-qimpanel-" name="fontconfig" dev="sda5" ino=2101085 scontext=unconfined_u:unconfined_r:sogou_t:s0-s0:c0.c1023 tcontext=system_u:object_r:fonts_cache_t:s0 tclass=dir permissive=0


Hash: sogou-qimpanel-,sogou_t,fonts_cache_t,dir,setattr

Version-Release number of selected component:
selinux-policy-3.13.1-158.6.fc23.noarch

Additional info:
reporter:       libreport-2.6.4
hashmarkername: setroubleshoot
kernel:         4.3.5-300.fc23.x86_64
type:           libreport
Comment 1 Lukas Vrabec 2016-02-29 03:58:23 EST
Hi, 
Looks like we don't ship sogou SELinux policy module. 

Where did this module come from?

Note You need to log in before you can comment on or make changes to this bug.