The following was filed automatically by setroubleshoot:

Summary:

SELinux is preventing /usr/lib/firefox-3.5.2/firefox (deleted) from changing a writable memory segment executable.

Detailed Description:

[firefox has a permissive type (unconfined_t). This access was not denied.]

The firefox application attempted to change the access protection of memory (e.g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests (http://people.redhat.com/drepper/selinux-mem.html) web page explains how to remove this requirement. If firefox does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report against this package.

Allowing Access:

If you trust firefox to run correctly, you can change the context of the executable to execmem_exec_t. "chcon -t execmem_exec_t '/usr/lib/firefox-3.5.2/firefox (deleted)'". You must also change the default file context files on the system in order to preserve them even on a full relabel. "semanage fcontext -a -t execmem_exec_t '/usr/lib/firefox-3.5.2/firefox (deleted)'"

Fix Command:

chcon -t execmem_exec_t '/usr/lib/firefox-3.5.2/firefox (deleted)'

Additional Information:

Source Context                unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Target Context                unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Target Objects                None [ process ]
Source                        firefox
Source Path                   /usr/lib/firefox-3.5.2/firefox
Port                          <Unknown>
Host                          (removed)
Source RPM Packages
Target RPM Packages
Policy RPM                    selinux-policy-3.6.31-2.fc12
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   allow_execmem
Host Name                     (removed)
Platform                      Linux (removed) 2.6.31-2.fc12.i686 #1 SMP Thu Sep 10 00:41:03 EDT 2009 i686 i686
Alert Count                   3
First Seen                    Fri 11 Sep 2009 11:31:50 CEST
Last Seen                     Fri 11 Sep 2009 16:17:17 CEST
Local ID                      43dc4fb9-4648-40c9-88ed-d349857e4e1b
Line Numbers

Raw Audit Messages

node=(removed) type=AVC msg=audit(1252678637.197:80): avc: denied { execmem } for pid=2798 comm="firefox" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process

node=(removed) type=SYSCALL msg=audit(1252678637.197:80): arch=40000003 syscall=125 success=yes exit=0 a0=3d1f000 a1=1000 a2=7 a3=b7b7b000 items=0 ppid=2783 pid=2798 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="firefox" exe=2F7573722F6C69622F66697265666F782D332E352E322F66697265666F78202864656C6574656429 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)

audit2allow suggests:

#============= unconfined_t ==============
allow unconfined_t self:process execmem;
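An added example, not part of the original report or of setroubleshoot: a small Python decoder for the SYSCALL record paired with the execmem AVC above, showing which call and which protection bits triggered the alert. It assumes the i386 syscall numbers (125 = mprotect, 192 = mmap2) and the Linux PROT_* bit values; the function names are illustrative.

```python
import re

# Constructed sample: the SYSCALL record from the report, shortened to the fields used here.
SAMPLE = ('type=SYSCALL msg=audit(1252678637.197:80): arch=40000003 syscall=125 '
          'success=yes exit=0 a0=3d1f000 a1=1000 a2=7 a3=b7b7b000 pid=2798 comm="firefox" '
          'exe=2F7573722F6C69622F66697265666F782D332E352E322F66697265666F78202864656C6574656429')

AUDIT_ARCH_I386 = 0x40000003
# i386 syscalls whose third argument (a2) is a PROT_* mask.
I386_PROT_SYSCALLS = {125: "mprotect", 192: "mmap2"}
PROT_BITS = [(0x1, "PROT_READ"), (0x2, "PROT_WRITE"), (0x4, "PROT_EXEC")]


def parse_fields(record):
    """Split one audit record into a dict of key=value fields."""
    return dict(re.findall(r'(\w+)=("[^"]*"|\S+)', record))


def decode_string(value):
    """auditd quotes plain strings and hex-encodes ones with spaces or quotes."""
    if value.startswith('"'):
        return value.strip('"')
    try:
        return bytes.fromhex(value).decode("utf-8", "replace")
    except ValueError:
        return value  # e.g. (null) or another unquoted literal


def explain(record):
    """Return the executable, syscall name and requested protections."""
    f = parse_fields(record)
    out = {"exe": decode_string(f.get("exe", "")),
           "comm": decode_string(f.get("comm", ""))}
    if int(f["arch"], 16) != AUDIT_ARCH_I386:
        return out  # syscall numbers differ per architecture
    name = I386_PROT_SYSCALLS.get(int(f["syscall"]))
    if name:
        prot = int(f["a2"], 16)  # audit logs syscall arguments in hex
        out["syscall"] = name
        out["addr"], out["length"] = int(f["a0"], 16), int(f["a1"], 16)
        out["prot"] = [label for bit, label in PROT_BITS if prot & bit]
        # execmem is checked when a mapping is both writable and executable.
        out["writable_and_executable"] = bool(prot & 0x2 and prot & 0x4)
    return out


if __name__ == "__main__":
    print(explain(SAMPLE))
```
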
Are you running flash or some plugin that is causing firefox to need execmem?

What is the label on firefox?

ls -lZ /usr/lib/firefox-3.5.2/firefox

You can install nspluginwrapper and turn on the allow_unconfined_nsplugin_transition boolean.
Actually, if you turn off the allow_unconfined_nsplugin_transition boolean, this should work for you.

setsebool -P allow_unconfined_nsplugin_transition 0
Yes, I was running Firefox with Adobe Flash.

bash-4.0$ ls -lZ /usr/lib/firefox-3.5.2/firefox
-rwxr-xr-x. root root system_u:object_r:mozilla_exec_t:s0 /usr/lib/firefox-3.5.2/firefox

SELinux doesn't start after your solution.
I don't know what you mean by "SELinux doesn't start after your solution".

The machine does not boot? Firefox will not start? Which solution did you do?
I did

setsebool -P allow_unconfined_nsplugin_transition 0

And then no more "SELinux Security Alert" starts after running firefox.