Bug 489097 - Firefox seems to be crashing on Rawhide/SELinux (execmem)
Firefox seems to be crashing on Rawhide/SELinux (execmem)
Status: CLOSED DUPLICATE of bug 512845
Product: Fedora
Classification: Fedora
Component: firefox (Show other bugs)
All Linux
high Severity medium
: ---
: ---
Assigned To: Martin Stransky
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2009-03-07 10:07 EST by Daniel Walsh
Modified: 2009-09-29 06:46 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2009-09-29 06:46:34 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Daniel Walsh 2009-03-07 10:07:24 EST
Description of problem:

time->Sat Mar  7 09:59:23 2009
type=SYSCALL msg=audit(1236437963.566:1057): arch=c000003e syscall=10 success=no exit=2039005144 a0=7f766dadb000 a1=1000 a2=5 a3=8b items=0 ppid=26147 pid=26164 auid=3267 uid=3267 gid=3267 euid=3267 suid=3267 fsuid=3267 egid=3267 sgid=3267 fsgid=3267 tty=(none) ses=1 comm="firefox" exe="/usr/lib64/firefox-3.1b2/firefox" subj=staff_u:staff_r:staff_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1236437963.566:1057): avc:  denied  { execmem } for  pid=26164 comm="firefox" scontext=staff_u:staff_r:staff_t:s0-s0:c0.c1023 tcontext=staff_u:staff_r:staff_t:s0-s0:c0.c1023 tclass=process

Not sure if this is caused by flash or not (probably).  Although I am not seeing nsplugin running


/usr/bin/mozilla-plugin-config -l

File/Link /usr/lib/mozilla/plugins-wrapped/nphelix.xpt
File/Link /usr/lib/mozilla/plugins-wrapped/nphelix.so
File/Link /usr/lib/mozilla/plugins-wrapped/libflashplayer.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-gmp-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libjavaplugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-narrowspace-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-mully-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/librhythmbox-itms-detection-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-cone-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-gmp-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libjavaplugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-narrowspace-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-mully-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/librhythmbox-itms-detection-plugin.so
File/Link /usr/lib64/mozilla/plugins-wrapped/libtotem-cone-plugin.so
Comment 1 Daniel Walsh 2009-03-07 10:40:28 EST
This seems to be a problem with nsplugin interaction.  Through SELinux I saw nsplugin_config gets run but the library was being loaded into firefox executable.   I was running the experimental 64 bit flashplugin.  I removed this plugin and installed the 32 bit plugin and saw this on running firefox.

firefox www.boston.com/sports
LoadPlugin: failed to initialize shared library /usr/lib/flash-plugin/libflashplayer.so [/usr/lib/flash-plugin/libflashplayer.so: wrong ELF class: ELFCLASS32]

So not sure if this is a nsplugin or firefox bug.
Comment 2 Martin Stransky 2009-03-10 10:03:40 EDT
If you want to run 32-bit plugin inside 64-bit firefox you have to install nspluginwrapper.i386 too.
Comment 3 Martin Stransky 2009-03-10 10:06:21 EDT
[/usr/lib/flash-plugin/libflashplayer.so: wrong ELF class: ELFCLASS32]

- it's caused because libflashplayer.so is somehow located in firefox plugin dir (usually by symlink from your profile or firefox install dir, it's done by flash install script)
Comment 4 Daniel Walsh 2009-03-10 11:47:34 EDT
I have nspluginwrapper installed, It says it is wrapping this file, but it is not working.  I even see nsplugin-config touch the file,  But something is going wrong.
Comment 5 Bug Zapper 2009-06-09 07:59:10 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
Comment 6 Martin Stransky 2009-09-29 06:46:34 EDT

*** This bug has been marked as a duplicate of bug 512845 ***

Note You need to log in before you can comment on or make changes to this bug.