Description of problem: SELinux is preventing appsrc0:src from 'unlink' accesses on the file orcexec.9fh4uy. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that appsrc0:src should be allowed unlink access on the orcexec.9fh4uy file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'appsrc0:src' --raw | audit2allow -M my-appsrc0src # semodule -X 300 -i my-appsrc0src.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:user_home_dir_t:s0 Target Objects orcexec.9fh4uy [ file ] Source appsrc0:src Source Path appsrc0:src Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-260.1.fc26.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 4.11.11-300.fc26.x86_64 #1 SMP Mon Jul 17 16:32:11 UTC 2017 x86_64 x86_64 Alert Count 5 First Seen 2017-07-27 12:39:13 EDT Last Seen 2017-07-27 16:52:31 EDT Local ID 9205f1fd-1605-4af9-a978-9d34a4eba098 Raw Audit Messages type=AVC msg=audit(1501188751.595:329): avc: denied { unlink } for pid=6997 comm="appsrc0:src" name="orcexec.9fh4uy" dev="dm-2" ino=32377155 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=file permissive=0 Hash: appsrc0:src,thumb_t,user_home_dir_t,file,unlink Version-Release number of selected component: selinux-policy-3.13.1-260.1.fc26.noarch Additional info: component: selinux-policy reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: opened a jpg in a network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: tried playing a video from a network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: saved a file to network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: browse network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: Opening a mp4 on a network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: opened network share to search for file Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: Trying to open video in network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: Opening a pdf in network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: Browse a network share. Lost sound. Will have to reboot to watch vids. Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: Opened network share Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.11.11-300.fc26.x86_64 type: libreport
Description of problem: Did DNF update then rebooted - loads of alerts Version-Release number of selected component: selinux-policy-3.13.1-260.3.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.12.5-300.fc26.x86_64 type: libreport
***** Plugin restorecon (99.5 confidence) suggests ************************ If you want to fix the label. /home/vm/orcexec.BCK80J default label should be user_home_t. Then you can run restorecon. The access attempt may have been stopped due to insufficient permissions to access a parent directory in which case try to change the following command accordingly. Do # /sbin/restorecon -v /home/vm/orcexec.BCK80J
Description of problem: opened folders that I was able to open less than 8 hours ago without an alert. Version-Release number of selected component: selinux-policy-3.13.1-260.10.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.13.4-200.fc26.x86_64 type: libreport
Description of problem: Tried opening a file on a network share Version-Release number of selected component: selinux-policy-3.13.1-260.13.fc26.noarch Additional info: reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.13.9-200.fc26.x86_64 type: libreport