Description of problem: SELinux is preventing exe-thumbnailer from 'write' accesses on the sock_file abrt.socket. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that exe-thumbnailer should be allowed write access on the abrt.socket sock_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'exe-thumbnailer' --raw | audit2allow -M my-exethumbnailer # semodule -X 300 -i my-exethumbnailer.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context system_u:object_r:abrt_var_run_t:s0 Target Objects abrt.socket [ sock_file ] Source exe-thumbnailer Source Path exe-thumbnailer Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-42.19-1.fc43.noarch Local Policy RPM selinux-policy-targeted-42.19-1.fc43.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 6.17.11-300.fc43.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Dec 8 23:20:36 UTC 2025 x86_64 Alert Count 8 First Seen 2026-01-27 11:31:19 EST Last Seen 2026-01-27 12:22:29 EST Local ID 23371ecf-25d3-49fb-84fa-58a58695c287 Raw Audit Messages type=AVC msg=audit(1769534549.819:253): avc: denied { write } for pid=12587 comm="exe-thumbnailer" name="abrt.socket" dev="tmpfs" ino=3187 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:object_r:abrt_var_run_t:s0 tclass=sock_file permissive=0 Hash: exe-thumbnailer,thumb_t,abrt_var_run_t,sock_file,write SELinux is preventing exe-thumbnailer from 'write' accesses on the sock_file abrt.socket. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that exe-thumbnailer should be allowed write access on the abrt.socket sock_file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'exe-thumbnailer' --raw | audit2allow -M my-exethumbnailer # semodule -X 300 -i my-exethumbnailer.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context system_u:object_r:abrt_var_run_t:s0 Target Objects abrt.socket [ sock_file ] Source exe-thumbnailer Source Path exe-thumbnailer Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages SELinux Policy RPM selinux-policy-targeted-42.19-1.fc43.noarch Local Policy RPM selinux-policy-targeted-42.19-1.fc43.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 6.17.11-300.fc43.x86_64 #1 SMP PREEMPT_DYNAMIC Mon Dec 8 23:20:36 UTC 2025 x86_64 Alert Count 8 First Seen 2026-01-27 11:31:19 EST Last Seen 2026-01-27 12:22:29 EST Local ID 23371ecf-25d3-49fb-84fa-58a58695c287 Raw Audit Messages type=AVC msg=audit(1769534549.819:253): avc: denied { write } for pid=12587 comm="exe-thumbnailer" name="abrt.socket" dev="tmpfs" ino=3187 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:object_r:abrt_var_run_t:s0 tclass=sock_file permissive=0 Hash: exe-thumbnailer,thumb_t,abrt_var_run_t,sock_file,write Version-Release number of selected component: selinux-policy-targeted-42.19-1.fc43.noarch Additional info: reporter: libreport-2.17.15 reason: SELinux is preventing exe-thumbnailer from 'write' accesses on the sock_file abrt.socket. package: selinux-policy-targeted-42.19-1.fc43.noarch component: selinux-policy hashmarkername: setroubleshoot type: libreport kernel: 6.17.11-300.fc43.x86_64 component: selinux-policy
Created attachment 2123964 [details] File: description
Created attachment 2123965 [details] File: os_info
*** Bug 2435695 has been marked as a duplicate of this bug. ***
*** Bug 2435813 has been marked as a duplicate of this bug. ***
*** Bug 2435815 has been marked as a duplicate of this bug. ***
*** Bug 2435816 has been marked as a duplicate of this bug. ***
FEDORA-2026-3439e5656a (selinux-policy-42.23-1.fc43) has been submitted as an update to Fedora 43. https://bodhi.fedoraproject.org/updates/FEDORA-2026-3439e5656a
FEDORA-2026-3439e5656a (selinux-policy-42.23-1.fc43) has been pushed to the Fedora 43 stable repository. If problem still persists, please make note of it in this bug report.