Bug 470666 - AVC messages are generated when I open a URL from within Alpine
AVC messages are generated when I open a URL from within Alpine
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2008-11-08 11:54 EST by Tom Diehl
Modified: 2009-04-02 00:44 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-04-02 00:44:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
AVC generated in the audit log (1.28 KB, text/plain)
2008-11-08 11:54 EST, Tom Diehl
no flags Details

  None (edit)
Description Tom Diehl 2008-11-08 11:54:27 EST
Created attachment 322955 [details]
AVC generated in the audit log

Description of problem:
When I open a url I received in an email from within alpine I get an AVC messages about a file in my homedir being mislabeled. I ran resrorecon on my home dir as suggested in setroubleshoot but I still get the AVC. When I do the above the URL does open in firefox as expected.

Version-Release number of selected component (if applicable):
(tigger pts2) $ rpm -qa | grep -i selinux
(tigger pts2) $ rpm -qa | grep -i alpine
(tigger pts2) $ rpm -qa | grep -i firefox
(tigger pts2) $

How reproducible:
Every time

Steps to Reproduce:
1. Click on a URL in an email from within alpine.
Actual results:
AVC generated

Expected results:

Additional info: In addition I ran setenforce 0 ; restorecon -v -R / ; setenforce 1 to be sure this was not mislabeled files.
Comment 1 Daniel Walsh 2008-11-10 10:42:01 EST
I can allow nsplugin_config to read user content.
Fixed in selinux-policy-3.5.13-19.fc10

But the named_conf_t seems to be a mislabeled file.  Did you relabel a directory named_conf_t.  It does not make sense that nsplugin would be looking in a directory labeled named_conf_t?
Comment 2 Tom Diehl 2008-11-10 22:06:18 EST
Thanks for the updated policy.

To answer your question, No I did not relabel any directories. I ran restorecon -vR / prior to the last policy update. I just rebooted the machine and set it to automatically relabel the machine. I will see if that fixes the problem.
Comment 3 Bug Zapper 2008-11-26 00:03:11 EST
This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle.
Changing version to '10'.

More information and reason for this action is here:

Note You need to log in before you can comment on or make changes to this bug.