Souhrn: SELinux is preventing /usr/lib64/chromium-browser/chromium-browser "read" access on /home/matej/.fonts/arial.ttf. Podrobný popis: [SELinux is in permissive mode. This access was not denied.] SELinux denied access requested by chromium-browse. It is not expected that this access is required by chromium-browse and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Povolení přístupu: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Další informace: Kontext zdroje unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c 0.c1023 Kontext cíle unconfined_u:object_r:user_fonts_t:s0 Objekty cíle /home/matej/.fonts/arial.ttf [ file ] Zdroj chromium-browse Cesta zdroje /usr/lib64/chromium-browser/chromium-browser Port <Neznámé> Počítač (removed) RPM balíčky zdroje chromium-4.0.220.0-0.1.20090930svn27599.fc12 RPM balíčky cíle RPM politiky selinux-policy-3.6.32-24.fc12 Selinux povolen True Typ politiky targeted MLS povoleno True Vynucovací režim Permissive Název zásuvného modulu catchall Název počítače (removed) Platforma Linux (removed) 2.6.31.1-58.fc12.x86_64 #1 SMP Fri Oct 2 16:17:33 EDT 2009 x86_64 x86_64 Počet upozornění 1 Poprvé viděno Út 13. říjen 2009, 22:18:47 CEST Naposledy viděno Út 13. říjen 2009, 22:18:47 CEST Místní ID 0f2bfd27-3c5f-4aa7-ab94-05cdd8998c2b Čísla řádků Původní zprávy auditu node=(removed) type=AVC msg=audit(1255465127.435:34186): avc: denied { read } for pid=10490 comm="chromium-browse" path="/home/matej/.fonts/arial.ttf" dev=dm-9 ino=8464 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_fonts_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1255465127.435:34186): arch=c000003e syscall=47 per=400000 success=yes exit=8 a0=14 a1=7fff86c847b0 a2=0 a3=18 items=0 ppid=1 pid=10490 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=10 comm="chromium-browse" exe="/usr/lib64/chromium-browser/chromium-browser" subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-24.fc12,catchall,chromium-browse,chrome_sandbox_t,user_fonts_t,file,read audit2allow suggests: #============= chrome_sandbox_t ============== allow chrome_sandbox_t user_fonts_t:file read;
Fixed in selinux-policy-3.6.32-26.fc12.noarch
*** Bug 528814 has been marked as a duplicate of this bug. ***