Description of problem:
Attempted to install Adobe Media Player via Firefox. Installer asked for and received root password. SELinux generated an AVC.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.3.1-107.fc9

How reproducible:

Steps to Reproduce:
1. Go to http://www.adobe.com/products/flash/about/
2. Click on link to install Adobe Media Player

Actual results:
Install failed.

Expected results:
Install succeeded.

Additional info:

Detailed Description:

SELinux denied access requested by sh. It is not expected that this access is required by sh and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.

Additional Information:

Source Context                unconfined_u:system_r:unconfined_execmem_t:SystemLow-SystemHigh
Target Context                unconfined_u:system_r:rpm_script_t:SystemLow-SystemHigh
Target Objects                /bin/bash [ process ]
Source                        sh
Source Path                   /bin/bash
Port                          <Unknown>
Host                          localhost
Source RPM Packages           bash-3.2-22.fc9
Target RPM Packages           bash-3.2-22.fc9
Policy RPM                    selinux-policy-3.3.1-107.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Permissive
Plugin Name                   catchall
Host Name                     localhost
Platform                      Linux localhost 2.6.27.5-37.fc9.i686 #1 SMP Wed Nov 12 18:56:28 EST 2008 i686 i686
Alert Count                   1
First Seen                    Wed 19 Nov 2008 08:43:25 PM CET
Last Seen                     Wed 19 Nov 2008 08:45:48 PM CET
Local ID                      285f8518-016d-49b0-9475-8df84d8a41de
Line Numbers

Raw Audit Messages

node=localhost type=AVC msg=audit(1227123948.320:1352): avc: denied { transition } for pid=15005 comm="rpm" path="/bin/bash" dev=dm-0 ino=688416 scontext=unconfined_u:system_r:unconfined_execmem_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=process

node=localhost type=SYSCALL msg=audit(1227123948.320:1352): arch=40000003 syscall=11 success=yes exit=0 a0=916ed8a a1=bfd97ca0 a2=9164718 a3=0 items=2 ppid=14981 pid=15005 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=2 comm="sh" exe="/bin/bash" subj=unconfined_u:system_r:rpm_script_t:s0-s0:c0.c1023 key=(null)

node=localhost type=CWD msg=audit(1227123948.320:1352): cwd="/"

node=localhost type=PATH msg=audit(1227123948.320:1352): item=0 name="/bin/sh" inode=688416 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:shell_exec_t:s0

node=localhost type=PATH msg=audit(1227123948.320:1352): item=1 name=(null) inode=1409033 dev=fd:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0

This looks like you changed the context on firefox to unconfined_execmem_exec_t which is the wrong thing to do. Please remove this mapping and allow firefox to run under unconfined_t. Everything should work.
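
An added example, not part of the original report or reply: a short Python parser for the audit records quoted in the report. It extracts the denied permission and the source and target domains, and correlates the AVC with its SYSCALL record to show the denial was logged while the execve still succeeded (the report lists Enforcing Mode as Permissive). Function names are hypothetical, and the SYSCALL record is shortened to the fields used.

```python
import re

# Records copied from the report above; SYSCALL line shortened to the fields used here.
SAMPLE = '''\
node=localhost type=AVC msg=audit(1227123948.320:1352): avc: denied { transition } for pid=15005 comm="rpm" path="/bin/bash" dev=dm-0 ino=688416 scontext=unconfined_u:system_r:unconfined_execmem_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:rpm_script_t:s0-s0:c0.c1023 tclass=process
node=localhost type=SYSCALL msg=audit(1227123948.320:1352): arch=40000003 syscall=11 success=yes exit=0 pid=15005 auid=500 uid=0 comm="sh" exe="/bin/bash" subj=unconfined_u:system_r:rpm_script_t:s0-s0:c0.c1023 key=(null)
'''

HEADER = re.compile(r'type=(\w+) msg=audit\((\d+\.\d+):(\d+)\):\s*(.*)')
PERMS = re.compile(r'avc:\s+(denied|granted)\s+\{([^}]*)\}')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def selinux_type(context):
    # Context is user:role:type[:level]; the level may contain ':' so split 3 times only.
    return context.split(':', 3)[2]

def parse_events(text):
    """Group audit records by serial number and summarise each AVC event."""
    events = {}
    for line in text.splitlines():
        m = HEADER.search(line)
        if not m:
            continue
        rtype, _timestamp, serial, body = m.groups()
        fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
        ev = events.setdefault(serial, {})
        avc = PERMS.search(body) if rtype == 'AVC' else None
        if avc:
            ev.update(verdict=avc.group(1), perms=avc.group(2).split(),
                      source_type=selinux_type(fields['scontext']),
                      target_type=selinux_type(fields['tcontext']),
                      tclass=fields['tclass'])
        elif rtype == 'SYSCALL':
            ev.update(syscall_success=fields.get('success') == 'yes',
                      subj_type=selinux_type(fields['subj']))
    # Keep only events that actually contain an AVC record.
    return {s: e for s, e in events.items() if 'verdict' in e}

def logged_not_enforced(ev):
    """True when the AVC says 'denied' but the matching syscall still succeeded."""
    return ev['verdict'] == 'denied' and ev.get('syscall_success', False)

if __name__ == '__main__':
    for serial, ev in parse_events(SAMPLE).items():
        print(serial, ev, 'logged only:', logged_not_enforced(ev))
```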