Résumé: SELinux is preventing /usr/lib/chromium-browser/chrome-sandbox "getattr" access on /proc/. Description détaillée: [chrome-sandbox a un type permissif (chrome_sandbox_t). Cet accès n'a pas été refusé.] SELinux denied access requested by chrome-sandbox. It is not expected that this access is required by chrome-sandbox and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Autoriser l'accès: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Please file a bug report. Informations complémentaires: Contexte source unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c 0.c1023 Contexte cible system_u:system_r:cupsd_t:s0-s0:c0.c1023 Objets du contexte /proc/<pid> [ dir ] source chrome-sandbox Chemin de la source /usr/lib/chromium-browser/chrome-sandbox Port <Inconnu> Hôte (removed) Paquetages RPM source chromium-4.0.252.0-0.1.20091119svn32498.fc12 Paquetages RPM cible Politique RPM selinux-policy-3.6.32-46.fc12 Selinux activé True Type de politique targeted Mode strict Enforcing Nom du plugin catchall Nom de l'hôte (removed) Plateforme Linux (removed) 2.6.31.6-134.fc12.i686.PAE #1 SMP Mon Nov 16 20:53:21 EST 2009 i686 athlon Compteur d'alertes 1 Première alerte sam. 21 nov. 2009 14:31:44 CET Dernière alerte sam. 21 nov. 2009 14:31:44 CET ID local 3dcf2790-627c-48e1-849a-1d0b3fd785eb Numéros des lignes Messages d'audit bruts node=(removed) type=AVC msg=audit(1258810304.102:24): avc: denied { getattr } for pid=2591 comm="chrome-sandbox" path="/proc/1016" dev=proc ino=9794 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=system_u:system_r:cupsd_t:s0-s0:c0.c1023 tclass=dir node=(removed) type=SYSCALL msg=audit(1258810304.102:24): arch=40000003 syscall=195 success=yes exit=0 a0=bf9f424c a1=bf9f41e4 a2=a80ff4 a3=bf9f5a1f items=0 ppid=2585 pid=2591 auid=500 uid=500 gid=500 euid=0 suid=0 fsuid=0 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="chrome-sandbox" exe="/usr/lib/chromium-browser/chrome-sandbox" subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-46.fc12,catchall,chrome-sandbox,chrome_sandbox_t,cupsd_t,dir,getattr audit2allow suggests: #============= chrome_sandbox_t ============== allow chrome_sandbox_t cupsd_t:dir getattr;
*** This bug has been marked as a duplicate of bug 539754 ***