The following was filed automatically by setroubleshoot: Résumé: SELinux is preventing /usr/bin/sound-juicer "execstack" access on <Unknown>. Description détaillée: SELinux denied access requested by sound-juicer. The current boolean settings do not allow this access. If you have not setup sound-juicer to require this access this may signal an intrusion attempt. If you do intend this access you need to change the booleans on this system to allow the access. Autoriser l'accès: Confined processes can be configured to run requiring different access, SELinux provides booleans to allow you to turn on/off access as needed. The boolean allow_execstack is set incorrectly. Boolean Description: Allow unconfined executables to make their stack executable. This should never, ever be necessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla") Commande de correction: # setsebool -P allow_execstack 1 Informations complémentaires: Contexte source unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Contexte cible unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Objets du contexte None [ process ] source totem Chemin de la source /usr/bin/totem Port <Inconnu> Hôte (removed) Paquetages RPM source sound-juicer-2.26.1-5.fc12 Paquetages RPM cible Politique RPM selinux-policy-3.6.32-1.fc12 Selinux activé True Type de politique targeted MLS activé True Mode strict Enforcing Nom du plugin catchall_boolean Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.31-17.fc12.x86_64 #1 SMP Wed Sep 16 00:52:52 EDT 2009 x86_64 x86_64 Compteur d'alertes 89 Première alerte jeu. 17 sept. 2009 00:39:23 CEST Dernière alerte jeu. 17 sept. 2009 00:44:09 CEST ID local f5597003-5ca8-4504-b769-f19de4fe5d91 Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1253141049.265:334): avc: denied { execstack } for pid=3408 comm="sound-juicer" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process node=(removed) type=SYSCALL msg=audit(1253141049.265:334): arch=c000003e syscall=10 success=no exit=-13 a0=7fff23f68000 a1=1000 a2=1000007 a3=7f9c91c27af9 items=0 ppid=1 pid=3408 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="sound-juicer" exe="/usr/bin/sound-juicer" subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) audit2allow suggests: #============= unconfined_t ============== allow unconfined_t self:process execstack;
while playing a simple cd
Sound Juicer should not require execstack. Nicolas you can turn on the boolean to listen to the cd.
Why does it say "totem" at one point and "sound-juicer" for the other? In any case, this is likely due to 3rd party plugins. Remove your gstreamer plugins from /usr/lib*/gstreamer-0.10 one-by-one to see which one is causing problems. I'd start by removing gstreamer-ffmpeg and the -bad and -ugly variants, and see if you can reproduce the problem.
totem versus sound-juicer looks like a bug in setroubleshoot. The avc is about sound-juicer
This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Haven't seen those for a long time