Bug 1917172 - SELinux is preventing colord from 'getattr' accesses on the Datei /var/lib/flatpak/exports/share/mime/mime.cache.
Summary: SELinux is preventing colord from 'getattr' accesses on the Datei /var/lib/fl...
Keywords:
Status: CLOSED DUPLICATE of bug 1916652
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 33
Hardware: x86_64
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Zdenek Pytela
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: abrt_hash:8bdc449231251425e6f6a6653bf...
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-01-17 20:36 UTC by bb
Modified: 2021-04-14 19:08 UTC (History)
25 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-04-14 19:08:11 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description bb 2021-01-17 20:36:57 UTC
Description of problem:
SELinux is preventing colord from 'getattr' accesses on the Datei /var/lib/flatpak/exports/share/mime/mime.cache.

*****  Plugin catchall_labels (83.8 confidence) suggests   *******************

Wenn Sie erlauben wollen, dass colord  getattr Zugriff auf mime.cache file
Then sie müssen das Label auf /var/lib/flatpak/exports/share/mime/mime.cache ändern
Do
# semanage fcontext -a -t FILE_TYPE '/var/lib/flatpak/exports/share/mime/mime.cache'
wobei FILE_TYPE einer der folgenen Werte ist: NetworkManager_log_t, NetworkManager_tmp_t, abrt_helper_exec_t, abrt_tmp_t, abrt_upload_watch_tmp_t, abrt_var_cache_t, abrt_var_log_t, abrt_var_run_t, acct_data_t, admin_crontab_tmp_t, admin_home_t, afs_logfile_t, aide_log_t, alsa_home_t, alsa_tmp_t, amanda_log_t, amanda_tmp_t, antivirus_home_t, antivirus_log_t, antivirus_tmp_t, apcupsd_log_t, apcupsd_tmp_t, apmd_log_t, apmd_tmp_t, arpwatch_tmp_t, asterisk_log_t, asterisk_tmp_t, audio_home_t, auditadm_sudo_tmp_t, auditd_tmp_t, auth_cache_t, auth_home_t, autofs_t, automount_tmp_t, awstats_tmp_t, bacula_log_t, bacula_tmp_t, bin_t, bitlbee_log_t, bitlbee_tmp_t, blueman_tmp_t, bluetooth_helper_tmp_t, bluetooth_helper_tmpfs_t, bluetooth_tmp_t, boinc_log_t, boinc_project_tmp_t, boinc_tmp_t, boot_t, bootloader_tmp_t, brltty_log_t, bugzilla_tmp_t, cache_home_t, calamaris_log_t, callweaver_log_t, canna_log_t, cardmgr_dev_t, ccs_tmp_t, ccs_var_lib_t, ccs_var_log_t, cdcc_tmp_t, cert_t, certmaster_var_log_t, certmonger_tmp_t, cfengine_log_t, cgred_log_t, cgroup_t, checkpc_log_t, chrome_sandbox_home_t, chrome_sandbox_tmp_t, chronyd_tmp_t, chronyd_var_log_t, cifs_t, cinder_api_tmp_t, cinder_backup_tmp_t, cinder_log_t, cinder_scheduler_tmp_t, cinder_volume_tmp_t, cloud_init_tmp_t, cloud_log_t, cluster_conf_t, cluster_tmp_t, cluster_var_lib_t, cluster_var_log_t, cluster_var_run_t, cobbler_tmp_t, cobbler_var_log_t, cockpit_tmp_t, cockpit_tmpfs_t, collectd_log_t, collectd_script_tmp_t, colord_exec_t, colord_tmp_t, colord_tmpfs_t, colord_var_lib_t, comsat_tmp_t, condor_log_t, condor_master_tmp_t, condor_schedd_tmp_t, condor_startd_tmp_t, config_home_t, conman_log_t, conman_tmp_t, conntrackd_log_t, consolekit_log_t, container_file_t, container_home_t, container_log_t, container_runtime_tmp_t, couchdb_log_t, couchdb_tmp_t, cpu_online_t, crack_tmp_t, cron_log_t, crond_tmp_t, crontab_tmp_t, ctdbd_log_t, ctdbd_tmp_t, cups_pdf_tmp_t, cupsd_etc_t, cupsd_log_t, cupsd_lpd_tmp_t, cupsd_rw_etc_t, cupsd_tmp_t, cvs_home_t, cvs_tmp_t, cyphesis_log_t, cyphesis_tmp_t, cyrus_tmp_t, data_home_t, dbadm_sudo_tmp_t, dbskkd_tmp_t, dbus_home_t, dbusd_etc_t, dcc_client_tmp_t, dcc_dbclean_tmp_t, dccd_tmp_t, dccifd_tmp_t, dccm_tmp_t, ddclient_log_t, ddclient_tmp_t, deltacloudd_log_t, deltacloudd_tmp_t, denyhosts_var_log_t, devicekit_tmp_t, devicekit_var_log_t, dhcpc_tmp_t, dhcpd_tmp_t, dirsrv_snmp_var_log_t, dirsrv_tmp_t, dirsrv_var_log_t, dirsrvadmin_tmp_t, disk_munin_plugin_tmp_t, dkim_milter_tmp_t, dlm_controld_var_log_t, dnsmasq_tmp_t, dnsmasq_var_log_t, dnssec_trigger_tmp_t, dosfs_t, dovecot_auth_tmp_t, dovecot_deliver_tmp_t, dovecot_tmp_t, dovecot_var_log_t, drbd_tmp_t, dspam_log_t, ecryptfs_t, efivarfs_t, etc_runtime_t, etc_t, evtchnd_var_log_t, exim_log_t, exim_tmp_t, fail2ban_log_t, fail2ban_tmp_t, fail2ban_var_lib_t, faillog_t, fenced_tmp_t, fenced_var_log_t, fetchmail_home_t, fetchmail_log_t, file_context_t, fingerd_log_t, firewalld_tmp_t, firewalld_var_log_t, firewallgui_tmp_t, foghorn_var_log_t, fonts_cache_t, fonts_t, fprintd_tmp_t, fsadm_log_t, fsadm_tmp_t, fsdaemon_tmp_t, ftpd_tmp_t, ftpdctl_tmp_t, fusefs_t, games_tmp_t, games_tmpfs_t, gconf_home_t, gconf_tmp_t, geoclue_tmp_t, getty_log_t, getty_tmp_t, gfs_controld_var_log_t, git_script_tmp_t, git_user_content_t, gkeyringd_gnome_home_t, gkeyringd_tmp_t, glance_log_t, glance_registry_tmp_t, glance_tmp_t, glusterd_log_t, glusterd_tmp_t, gnome_home_t, gpg_agent_tmp_t, gpg_agent_tmpfs_t, gpg_pinentry_tmp_t, gpg_pinentry_tmpfs_t, gpg_secret_t, gpm_tmp_t, groupd_var_log_t, gssd_tmp_t, gstreamer_home_t, haproxy_var_log_t, home_bin_t, home_cert_t, hostname_etc_t, hsqldb_tmp_t, httpd_log_t, httpd_php_tmp_t, httpd_suexec_tmp_t, httpd_tmp_t, ibacm_log_t, icc_data_home_t, iceauth_home_t, icecast_log_t, ifconfig_exec_t, inetd_child_tmp_t, inetd_log_t, inetd_tmp_t, init_tmp_t, initrc_tmp_t, initrc_var_log_t, innd_log_t, ipa_custodia_log_t, ipa_custodia_tmp_t, ipa_log_t, ipa_tmp_t, ipsec_log_t, ipsec_tmp_t, iptables_tmp_t, irc_home_t, irc_tmp_t, irssi_home_t, iscsi_log_t, iscsi_tmp_t, iso9660_t, iwhd_log_t, jetty_log_t, jetty_tmp_t, jockey_var_log_t, kadmind_log_t, kadmind_tmp_t, kdumpctl_tmp_t, kdumpgui_tmp_t, keepalived_tmp_t, keystone_log_t, keystone_tmp_t, kismet_home_t, kismet_log_t, kismet_tmp_t, kismet_tmpfs_t, klogd_tmp_t, kmod_tmp_t, krb5_conf_t, krb5_home_t, krb5_host_rcache_t, krb5kdc_log_t, krb5kdc_tmp_t, ksmtuned_log_t, ktalkd_log_t, ktalkd_tmp_t, l2tpd_tmp_t, lastlog_t, ld_so_cache_t, ld_so_t, ldconfig_tmp_t, lib_t, livecd_tmp_t, local_login_home_t, locale_t, logrotate_mail_tmp_t, logrotate_tmp_t, logwatch_mail_tmp_t, logwatch_tmp_t, lpd_tmp_t, lpr_tmp_t, lsassd_tmp_t, lsmd_plugin_tmp_t, lvm_tmp_t, machineid_t, mail_home_rw_t, mail_home_t, mail_munin_plugin_tmp_t, mailman_cgi_tmp_t, mailman_log_t, mailman_mail_tmp_t, mailman_queue_tmp_t, man_cache_t, man_t, mandb_cache_t, mandb_home_t, mcelog_log_t, mdadm_log_t, mdadm_tmp_t, mediawiki_tmp_t, minidlna_log_t, mirrormanager_log_t, mock_tmp_t, mojomojo_tmp_t, mongod_log_t, mongod_tmp_t, motion_log_t, mount_tmp_t, mozilla_home_t, mozilla_plugin_tmp_t, mozilla_plugin_tmpfs_t, mozilla_tmp_t, mozilla_tmpfs_t, mpd_home_t, mpd_log_t, mpd_tmp_t, mpd_user_data_t, mplayer_home_t, mplayer_tmpfs_t, mrtg_log_t, mscan_tmp_t, munin_log_t, munin_script_tmp_t, munin_tmp_t, mysqld_home_t, mysqld_log_t, mysqld_tmp_t, mythtv_var_log_t, naemon_log_t, nagios_eventhandler_plugin_tmp_t, nagios_log_t, nagios_openshift_plugin_tmp_t, nagios_system_plugin_tmp_t, nagios_tmp_t, named_log_t, named_tmp_t, net_conf_t, netutils_tmp_t, neutron_log_t, neutron_tmp_t, nfs_t, nfsd_tmp_t, nova_log_t, nova_tmp_t, nscd_log_t, nsd_log_t, nsd_tmp_t, ntop_tmp_t, ntpd_log_t, ntpd_tmp_t, numad_var_log_t, nut_upsd_tmp_t, nut_upsdrvctl_tmp_t, nut_upsmon_tmp_t, nx_server_tmp_t, opendnssec_tmp_t, openhpid_log_t, openshift_app_tmp_t, openshift_cgroup_read_tmp_t, openshift_cron_tmp_t, openshift_initrc_tmp_t, openshift_log_t, openshift_tmp_t, openshift_var_lib_t, opensm_log_t, openvpn_status_t, openvpn_tmp_t, openvpn_var_log_t, openvswitch_log_t, openvswitch_tmp_t, openwsman_log_t, openwsman_tmp_t, oracleasm_tmp_t, osad_log_t, pam_timestamp_tmp_t, passenger_log_t, passenger_tmp_t, passwd_file_t, pcp_log_t, pcp_tmp_t, pegasus_openlmi_storage_tmp_t, pegasus_tmp_t, pesign_tmp_t, piranha_log_t, piranha_web_tmp_t, pkcs11_modules_conf_t, pkcs_slotd_log_t, pkcs_slotd_tmp_t, pki_log_t, pki_ra_log_t, pki_tomcat_log_t, pki_tomcat_tmp_t, pki_tps_log_t, plymouthd_var_log_t, podsleuth_tmp_t, podsleuth_tmpfs_t, policykit_auth_exec_t, policykit_reload_t, policykit_tmp_t, policykit_var_lib_t, polipo_cache_home_t, polipo_config_home_t, polipo_log_t, portmap_tmp_t, postfix_bounce_tmp_t, postfix_cleanup_tmp_t, postfix_local_tmp_t, postfix_map_tmp_t, postfix_pickup_tmp_t, postfix_pipe_tmp_t, postfix_qmgr_tmp_t, postfix_smtp_tmp_t, postfix_smtpd_tmp_t, postfix_virtual_tmp_t, postgresql_log_t, postgresql_tmp_t, pppd_log_t, pppd_tmp_t, pptp_log_t, prelink_exec_t, prelink_log_t, prelink_tmp_t, prelude_lml_tmp_t, prelude_log_t, privoxy_log_t, proc_t, procmail_home_t, procmail_log_t, procmail_tmp_t, prosody_log_t, prosody_tmp_t, psad_tmp_t, psad_var_log_t, pulseaudio_home_t, pulseaudio_tmpfs_t, puppet_log_t, puppet_tmp_t, puppetmaster_tmp_t, pyicqt_log_t, qdiskd_var_log_t, qpidd_tmp_t, rabbitmq_tmp_t, rabbitmq_var_log_t, racoon_tmp_t, radiusd_log_t, realmd_tmp_t, redis_log_t, redis_tmp_t, removable_t, rhev_agentd_log_t, rhev_agentd_tmp_t, rhsmcertd_log_t, rhsmcertd_tmp_t, ricci_modcluster_var_log_t, ricci_tmp_t, ricci_var_log_t, rkhunter_var_lib_t, rlogind_home_t, rlogind_tmp_t, rolekit_tmp_t, rpcbind_tmp_t, rpm_log_t, rpm_script_tmp_t, rpm_tmp_t, rpmdb_tmp_t, rrdcached_tmp_t, rssh_ro_t, rssh_rw_t, rsync_log_t, rsync_tmp_t, rtas_errd_log_t, rtas_errd_tmp_t, samba_etc_t, samba_log_t, samba_net_tmp_t, samba_var_t, sandbox_file_t, sanlock_log_t, sbd_tmpfs_t, sblim_tmp_t, screen_home_t, secadm_sudo_tmp_t, sectool_tmp_t, sectool_var_log_t, selinux_munin_plugin_tmp_t, semanage_tmp_t, sendmail_log_t, sendmail_tmp_t, sensord_log_t, services_munin_plugin_tmp_t, session_dbusd_tmp_t, setroubleshoot_fixit_tmp_t, setroubleshoot_tmp_t, setroubleshoot_var_log_t, sge_tmp_t, shell_exec_t, shorewall_log_t, shorewall_tmp_t, slapd_log_t, slapd_tmp_t, slpd_log_t, smbd_tmp_t, smoltclient_tmp_t, smsd_log_t, smsd_tmp_t, snapperd_log_t, snappy_home_t, snappy_tmp_t, snmpd_log_t, snort_log_t, snort_tmp_t, sosreport_tmp_t, soundd_tmp_t, spamc_home_t, spamc_tmp_t, spamd_log_t, spamd_tmp_t, speech_dispatcher_home_t, speech_dispatcher_log_t, speech_dispatcher_tmp_t, squid_log_t, squid_tmp_t, squirrelmail_spool_t, src_t, ssh_agent_tmp_t, ssh_home_t, ssh_keygen_tmp_t, ssh_tmpfs_t, sssd_public_t, sssd_var_lib_t, sssd_var_log_t, staff_sudo_tmp_t, stapserver_log_t, stapserver_tmp_t, stapserver_tmpfs_t, stunnel_log_t, stunnel_tmp_t, sudo_log_t, svirt_home_t, svirt_tmp_t, svnserve_log_t, svnserve_tmp_t, swat_tmp_t, swift_tmp_t, sysadm_passwd_tmp_t, sysadm_sudo_tmp_t, sysfs_t, syslogd_tmp_t, sysstat_log_t, system_conf_t, system_cronjob_tmp_t, system_cronjob_var_lib_t, system_db_t, system_dbusd_tmp_t, system_dbusd_var_lib_t, system_mail_tmp_t, system_munin_plugin_tmp_t, systemd_home_t, systemd_hwdb_etc_t, systemd_importd_tmp_t, systemd_logind_sessions_t, sysv_t, targetd_tmp_t, tcpd_tmp_t, telepathy_cache_home_t, telepathy_data_home_t, telepathy_gabble_cache_home_t, telepathy_gabble_tmp_t, telepathy_idle_tmp_t, telepathy_logger_cache_home_t, telepathy_logger_data_home_t, telepathy_logger_tmp_t, telepathy_mission_control_cache_home_t, telepathy_mission_control_data_home_t, telepathy_mission_control_home_t, telepathy_mission_control_tmp_t, telepathy_msn_tmp_t, telepathy_salut_tmp_t, telepathy_sofiasip_tmp_t, telepathy_stream_engine_tmp_t, telepathy_sunshine_home_t, telepathy_sunshine_tmp_t, telnetd_tmp_t, tetex_data_t, texlive_home_t, textrel_shlib_t, tgtd_tmp_t, thin_aeolus_configserver_log_t, thin_log_t, thumb_home_t, thumb_tmp_t, tmp_t, tomcat_log_t, tomcat_tmp_t, tor_var_log_t, tuned_log_t, tuned_tmp_t, tvtime_home_t, tvtime_tmp_t, tvtime_tmpfs_t, udev_tmp_t, udev_var_run_t, ulogd_var_log_t, uml_ro_t, uml_rw_t, uml_tmp_t, uml_tmpfs_t, unconfined_munin_plugin_tmp_t, usbfs_t, user_cron_spool_t, user_fonts_cache_t, user_fonts_config_t, user_fonts_t, user_home_t, user_mail_tmp_t, user_tmp_t, usr_t, uucpd_log_t, uucpd_tmp_t, var_log_t, var_spool_t, varnishd_tmp_t, varnishlog_log_t, vdagent_log_t, virt_content_t, virt_home_t, virt_log_t, virt_qemu_ga_log_t, virt_qemu_ga_tmp_t, virt_tmp_t, virt_var_lib_t, vmblock_t, vmtools_tmp_t, vmware_conf_t, vmware_file_t, vmware_host_tmp_t, vmware_log_t, vmware_tmp_t, vmware_tmpfs_t, vpnc_tmp_t, w3c_validator_tmp_t, watchdog_log_t, webadm_tmp_t, webalizer_tmp_t, winbind_log_t, wine_home_t, wireshark_home_t, wireshark_tmp_t, wireshark_tmpfs_t, wtmp_t, xauth_home_t, xauth_tmp_t, xdm_home_t, xdm_log_t, xdm_var_lib_t, xdm_var_run_t, xend_tmp_t, xend_var_log_t, xenfs_t, xenstored_tmp_t, xenstored_var_log_t, xferlog_t, xserver_log_t, xserver_tmpfs_t, ypbind_tmp_t, ypserv_tmp_t, zabbix_log_t, zabbix_tmp_t, zarafa_deliver_log_t, zarafa_deliver_tmp_t, zarafa_gateway_log_t, zarafa_ical_log_t, zarafa_indexer_log_t, zarafa_indexer_tmp_t, zarafa_monitor_log_t, zarafa_server_log_t, zarafa_server_tmp_t, zarafa_spooler_log_t, zarafa_var_lib_t, zebra_log_t, zebra_tmp_t, zoneminder_log_t, zoneminder_tmpfs_t. 
Führen Sie danach Folgendes aus: 
restorecon -v '/var/lib/flatpak/exports/share/mime/mime.cache'


*****  Plugin catchall (17.1 confidence) suggests   **************************

Wenn Sie denken, dass es colord standardmäßig erlaubt sein sollte, getattr Zugriff auf mime.cache file zu erhalten.
Then sie sollten dies als Fehler melden.
Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen.
Do
zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen:
# ausearch -c 'colord' --raw | audit2allow -M my-colord
# semodule -X 300 -i my-colord.pp

Additional Information:
Source Context                system_u:system_r:colord_t:s0
Target Context                system_u:object_r:var_lib_t:s0
Target Objects                /var/lib/flatpak/exports/share/mime/mime.cache [
                              file ]
Source                        colord
Source Path                   colord
Port                          <Unbekannt>
Host                          (removed)
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-3.14.6-33.fc33.noarch
Local Policy RPM              selinux-policy-targeted-3.14.6-33.fc33.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     (removed)
Platform                      Linux (removed) 5.10.7-200.fc33.x86_64 #1 SMP Tue
                              Jan 12 20:20:11 UTC 2021 x86_64 x86_64
Alert Count                   4
First Seen                    2021-01-16 13:08:41 CET
Last Seen                     2021-01-17 21:29:46 CET
Local ID                      4f7e6929-cb69-4dcb-9201-ab5c910e276a

Raw Audit Messages
type=AVC msg=audit(1610915386.118:166): avc:  denied  { getattr } for  pid=905 comm="colord" path="/var/lib/flatpak/exports/share/mime/mime.cache" dev="dm-0" ino=4456476 scontext=system_u:system_r:colord_t:s0 tcontext=system_u:object_r:var_lib_t:s0 tclass=file permissive=1


Hash: colord,colord_t,var_lib_t,file,getattr

Version-Release number of selected component:
selinux-policy-targeted-3.14.6-33.fc33.noarch

Additional info:
component:      selinux-policy
reporter:       libreport-2.14.0
hashmarkername: setroubleshoot
kernel:         5.10.7-200.fc33.x86_64
type:           libreport

Potential duplicate: bug 738636

Comment 1 krinkodot22 2021-01-17 21:39:19 UTC
Similar problem has been detected:

After updating selinux-policy & selinux-policy-targeted to 3.14.6-34, this SELinux alert happens on every boot.

I already tried relabeling the system, running `sudo flatpak repair`, and reinstalling selinux-policy & selinux-policy-targeted, but to no avail.

Potential duplicates:
https://bugzilla.redhat.com/show_bug.cgi?id=1917172
https://bugzilla.redhat.com/show_bug.cgi?id=1917173
https://bugzilla.redhat.com/show_bug.cgi?id=1917174

hashmarkername: setroubleshoot
kernel:         5.10.7-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 2 James 2021-01-18 19:49:04 UTC
Similar problem has been detected:

Updated system to colord-1.4.5-1.fc33.x86_64, selinux-policy-targeted-3.14.6-34.fc33.noarch

hashmarkername: setroubleshoot
kernel:         5.10.7-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 3 relentless.1980 2021-01-19 07:46:48 UTC
Similar problem has been detected:

This happen on ervery Power On. I have a custom icc profile installed under ~/.local/share/icc/profile.icc

hashmarkername: setroubleshoot
kernel:         5.10.7-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 4 bendem 2021-01-20 08:23:42 UTC
Similar problem has been detected:

After a reboot into a new kernels and a new gnome-shell.

hashmarkername: setroubleshoot
kernel:         5.10.7-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 5 Alex Finkel 2021-01-20 13:06:28 UTC
Similar problem has been detected:

I get a number of these upon logging in after a power cycle since the recent Flatpak and selinux-policy updates

hashmarkername: setroubleshoot
kernel:         5.10.7-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 6 Doncho Gunchev 2021-02-17 12:10:30 UTC
Similar problem has been detected:

Every reboot (and login?).

hashmarkername: setroubleshoot
kernel:         5.10.15-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/mime.cache.
type:           libreport

Comment 7 Tony 2021-02-26 21:24:38 UTC
Similar problem has been detected:

Logged into freshly booted Fedora 33 Gnome desktop.

hashmarkername: setroubleshoot
kernel:         5.10.17-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 8 krinkodot22 2021-03-06 21:57:05 UTC
Not fixed after upgrading to selinux-policy-targeted from 3.14.6-34 to 3.14.6-35.

Comment 9 krinkodot22 2021-03-22 03:39:24 UTC
Similar problem has been detected:

Turned computer on after upgrading to flatpak{,-libs,-selinux,-session-helper} from 1.8.2-2 to 1.10.2-1.

hashmarkername: setroubleshoot
kernel:         5.11.7-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-35.fc33.noarch
reason:         SELinux is preventing colord from 'getattr' accesses on the file /var/lib/flatpak/exports/share/mime/magic.
type:           libreport

Comment 10 Zdenek Pytela 2021-04-14 19:08:11 UTC

*** This bug has been marked as a duplicate of bug 1916652 ***


Note You need to log in before you can comment on or make changes to this bug.