Hide Forgot
Description of problem: Seems that new map permissions added in -193 denies abrt processes. Version-Release number of selected component (if applicable): kernel-3.10.0-878.el7 selinux-policy-targeted-3.13.1-193.el7 selinux-policy-3.13.1-193.el7 How reproducible: 100% Steps to Reproduce: 1. 2. 3. Actual results: May 03 08:21:13 placka kernel: type=1400 audit(1525328473.994:677): avc: denied { map } for pid=31512 comm="chrome" path=2F6465762F73686D2F2E636F6D2E676F6F676C652E4368726F6D652E795965313133202864656C6574656429 dev="tmpfs" ino=176539 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file permissive=1 May 03 08:21:36 placka kernel: type=1400 audit(1525328496.608:679): avc: denied { map } for pid=31996 comm="chrome" path=2F6465762F73686D2F2E636F6D2E676F6F676C652E4368726F6D652E653050476D71202864656C6574656429 dev="tmpfs" ino=202763 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file permissive=1 Expected results: Additional info: Wokaround: either setenforce 0 or downgrading to selinux-policy-targeted-3.13.1-192.el7_5.3.noarch selinux-policy-3.13.1-192.el7_5.3 Full list of map related AVC's at https://bugzilla.redhat.com/attachment.cgi?id=1430552
*** This bug has been marked as a duplicate of bug 1574392 ***