This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes
First Last Prev Next    This bug is not in your last search results.
Bug 1315091 - SELinux is preventing gst-plugin-scan from 'create' accesses on the netlink_kobject_uevent_socket Unknown.
SELinux is preventing gst-plugin-scan from 'create' accesses on the netlink_k...
Status: NEW
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
25
x86_64 Unspecified
low Severity low
: ---
: ---
Assigned To: Lukas Vrabec
Fedora Extras Quality Assurance
abrt_hash:d1d57cdeae7aa69462e170f3423...
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2016-03-06 10:04 EST by Jared Smith
Modified: 2016-11-16 15:42 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Jared Smith 2016-03-06 10:04:26 EST 
Description of problem:
This alert came up on startup
SELinux is preventing gst-plugin-scan from 'create' accesses on the netlink_kobject_uevent_socket Unknown.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that gst-plugin-scan should be allowed create access on the Unknown netlink_kobject_uevent_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep gst-plugin-scan /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Context                unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Objects                Unknown [ netlink_kobject_uevent_socket ]
Source                        gst-plugin-scan
Source Path                   gst-plugin-scan
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           
Target RPM Packages           
Policy RPM                    selinux-policy-3.13.1-176.fc25.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux (removed) 4.5.0-0.rc5.git0.2.fc25.x86_64 #1
                              SMP Thu Feb 25 10:53:02 UTC 2016 x86_64 x86_64
Alert Count                   1
First Seen                    2016-03-05 20:32:30 EST
Last Seen                     2016-03-05 20:32:30 EST
Local ID                      f2d160f7-2566-4230-8954-6d20ea5666b9

Raw Audit Messages
type=AVC msg=audit(1457227950.949:1968): avc:  denied  { create } for  pid=24711 comm="gst-plugin-scan" scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tclass=netlink_kobject_uevent_socket permissive=0


Hash: gst-plugin-scan,thumb_t,thumb_t,netlink_kobject_uevent_socket,create

Version-Release number of selected component:
selinux-policy-3.13.1-176.fc25.noarch

Additional info:
reporter:       libreport-2.6.4
hashmarkername: setroubleshoot
kernel:         4.5.0-0.rc6.git2.1.fc25.x86_64
type:           libreport

Potential duplicate: bug 1186957
Comment 1 Jan Kurik 2016-07-26 00:38:30 EDT 
This bug appears to have been reported against 'rawhide' during the Fedora 25 development cycle.
Changing version to '25'.
Comment 2 lennart_reuther 2016-11-16 15:42:25 EST 
Description of problem:
turning on scanner while already using "simple scan" application.

Version-Release number of selected component:
selinux-policy-3.13.1-222.fc25.noarch

Additional info:
reporter:       libreport-2.8.0
hashmarkername: setroubleshoot
kernel:         4.8.6-300.fc25.x86_64
type:           libreport
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.