Description of problem: SELinux is preventing abrt-action-gen from 'map' accesses on the file /home/mikhail/.local/share/Steam/ubuntu12_32/steam. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that abrt-action-gen should be allowed map access on the steam file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'abrt-action-gen' --raw | audit2allow -M my-abrtactiongen # semodule -X 300 -i my-abrtactiongen.pp Additional Information: Source Context system_u:system_r:abrt_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:data_home_t:s0 Target Objects /home/mikhail/.local/share/Steam/ubuntu12_32/steam [ file ] Source abrt-action-gen Source Path abrt-action-gen Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-272.fc28.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 4.13.0-0.rc5.git4.1.fc28.x86_64 #1 SMP Fri Aug 18 20:40:13 UTC 2017 x86_64 x86_64 Alert Count 1 First Seen 2017-08-20 20:09:58 +05 Last Seen 2017-08-20 20:09:58 +05 Local ID f17e93a5-33de-48a5-97ed-c8d70ec1b4a3 Raw Audit Messages type=AVC msg=audit(1503241798.291:64872): avc: denied { map } for pid=18451 comm="abrt-action-gen" path="/home/mikhail/.local/share/Steam/ubuntu12_32/steam" dev="sdb" ino=2651086782 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:data_home_t:s0 tclass=file permissive=1 Hash: abrt-action-gen,abrt_t,data_home_t,file,map Version-Release number of selected component: selinux-policy-3.13.1-272.fc28.noarch Additional info: component: selinux-policy reporter: libreport-2.9.1 hashmarkername: setroubleshoot kernel: 4.13.0-0.rc5.git4.1.fc28.x86_64 type: libreport
May I ask what actions were occurring when the error was triggered? Was this related to a shutdown/logout?
*** Bug 1502805 has been marked as a duplicate of this bug. ***
Problem here is wrong labeling. You're storing steam binaries in /home/mikhail/.local and lables defined in this dir are data_home_t and when stream binary crashed abrt_t don't have permissions to access it. Please label this binary file as bin_t to make it working. # semanage fcontext -a -t bin_t /home/mikhail/.local/share/Steam/ubuntu12_32/steam # restorecon -Rv /home/mikhail/.local/share/Steam/ubuntu12_32/steam Lukas.