Description of problem: SELinux is preventing gdk-pixbuf-thum from 'read' accesses on the chr_file /dev/null. ***** Plugin catchall (100. confidence) suggests ************************** Wenn Sie denken, dass es gdk-pixbuf-thum standardmäßig erlaubt sein sollte, read Zugriff auf null chr_file zu erhalten. Then sie sollten dies als Fehler melden. Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. Do zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: # ausearch -c 'gdk-pixbuf-thum' --raw | audit2allow -M my-gdkpixbufthum # semodule -X 300 -i my-gdkpixbufthum.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context system_u:object_r:container_file_t:s0:c328,c729 Target Objects /dev/null [ chr_file ] Source gdk-pixbuf-thum Source Path gdk-pixbuf-thum Port <Unbekannt> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-38.17-1.fc38.noarch Local Policy RPM selinux-policy-targeted-38.17-1.fc38.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 6.3.8-200.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Jun 15 02:15:40 UTC 2023 x86_64 Alert Count 1 First Seen 2023-06-25 00:42:08 CEST Last Seen 2023-06-25 00:42:08 CEST Local ID aee6a240-bbcd-48df-b85e-85d5eaf2cf9a Raw Audit Messages type=AVC msg=audit(1687646528.703:5921): avc: denied { read } for pid=36533 comm="gdk-pixbuf-thum" path="/dev/null" dev="devtmpfs" ino=4 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:object_r:container_file_t:s0:c328,c729 tclass=chr_file permissive=0 Hash: gdk-pixbuf-thum,thumb_t,container_file_t,chr_file,read Version-Release number of selected component: selinux-policy-targeted-38.17-1.fc38.noarch Additional info: reporter: libreport-2.17.10 reason: SELinux is preventing gdk-pixbuf-thum from 'read' accesses on the chr_file /dev/null. package: selinux-policy-targeted-38.17-1.fc38.noarch component: selinux-policy hashmarkername: setroubleshoot type: libreport kernel: 6.3.8-200.fc38.x86_64 component: selinux-policy
Created attachment 1972413 [details] File: description
Created attachment 1972414 [details] File: os_info
Fedora Linux 38 entered end-of-life (EOL) status on 2024-05-21. Fedora Linux 38 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora Linux please feel free to reopen this bug against that version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see the version field. If you are unable to reopen this bug, please file a new report against an active release. Thank you for reporting this bug and we are sorry it could not be fixed.