The following was filed automatically by setroubleshoot: Résumé: SELinux is preventing /usr/bin/gdb "read" access on firefox. Description détaillée: [gdb has a permissive type (abrt_t). This access was not denied.] SELinux denied access requested by gdb. It is not expected that this access is required by gdb and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Informations complémentaires: Contexte source system_u:system_r:abrt_t:s0 Contexte cible system_u:object_r:mozilla_exec_t:s0 Objets du contexte firefox [ file ] source gdb Chemin de la source /usr/bin/gdb Port <Inconnu> Hôte (removed) Paquetages RPM source gdb-6.8.50.20090910-1.fc12 Paquetages RPM cible Politique RPM selinux-policy-3.6.31-2.fc12 Selinux activé True Type de politique targeted MLS activé True Mode strict Enforcing Nom du plugin catchall Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.31-2.fc12.x86_64 #1 SMP Thu Sep 10 00:25:40 EDT 2009 x86_64 x86_64 Compteur d'alertes 2 Première alerte ven. 11 sept. 2009 21:24:11 CEST Dernière alerte ven. 11 sept. 2009 21:24:11 CEST ID local 008dca0a-5b8c-47c4-a644-91e1a468ef4f Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1252697051.17:78): avc: denied { read } for pid=3689 comm="gdb" name="firefox" dev=dm-3 ino=283039 scontext=system_u:system_r:abrt_t:s0 tcontext=system_u:object_r:mozilla_exec_t:s0 tclass=file node=(removed) type=AVC msg=audit(1252697051.17:78): avc: denied { open } for pid=3689 comm="gdb" name="firefox" dev=dm-3 ino=283039 scontext=system_u:system_r:abrt_t:s0 tcontext=system_u:object_r:mozilla_exec_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1252697051.17:78): arch=c000003e syscall=2 success=yes exit=0 a0=7fffbb509d70 a1=0 a2=feff a3=fffffffffffffff0 items=0 ppid=1822 pid=3689 auid=4294967295 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=4294967295 comm="gdb" exe="/usr/bin/gdb" subj=system_u:system_r:abrt_t:s0 key=(null) audit2allow suggests: #============= abrt_t ============== allow abrt_t mozilla_exec_t:file { read open };
Fixed in selinux-policy-3.6.31-2.fc12.noarch