Description of problem: SELinux is preventing atril-thumbnail from using the 'fowner' capabilities. ***** Plugin catchall (100. confidence) suggests ************************** Se ci credi atril-thumbnail dovrebbe avere il fowner capacità di default. Then si dovrebbe riportare il problema come bug. E' possibile generare un modulo di politica locale per consentire questo accesso. Do consentire questo accesso per ora eseguendo: # ausearch -c 'atril-thumbnail' --raw | audit2allow -M my-$MODULE_NOME # semodule -X 300 -i miei-atrilthumbnail.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Objects Sconosciuto [ capability ] Source atril-thumbnail Source Path atril-thumbnail Port <Sconosciuto> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-38.24-1.fc38.noarch Local Policy RPM selinux-policy-targeted-38.24-1.fc38.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 6.4.9-200.fc38.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Aug 8 21:21:11 UTC 2023 x86_64 Alert Count 1 First Seen 2023-08-12 12:04:15 CEST Last Seen 2023-08-12 12:04:15 CEST Local ID 672d6e9d-680c-4151-bb2b-76ecce47f422 Raw Audit Messages type=AVC msg=audit(1691834655.557:997): avc: denied { fowner } for pid=290327 comm="atril-thumbnail" capability=3 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tclass=capability permissive=1 Hash: atril-thumbnail,thumb_t,thumb_t,capability,fowner Version-Release number of selected component: selinux-policy-targeted-38.24-1.fc38.noarch Additional info: reporter: libreport-2.17.11 reason: SELinux is preventing atril-thumbnail from using the 'fowner' capabilities. package: selinux-policy-targeted-38.24-1.fc38.noarch component: selinux-policy hashmarkername: setroubleshoot type: libreport kernel: 6.4.9-200.fc38.x86_64 component: selinux-policy
Created attachment 1983110 [details] File: description
Created attachment 1983111 [details] File: os_info
Fedora Linux 38 entered end-of-life (EOL) status on 2024-05-21. Fedora Linux 38 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora Linux please feel free to reopen this bug against that version. Note that the version field may be hidden. Click the "Show advanced fields" button if you do not see the version field. If you are unable to reopen this bug, please file a new report against an active release. Thank you for reporting this bug and we are sorry it could not be fixed.