Hide Forgot
libreport version: 2.0.10 executable: /usr/bin/python hashmarkername: setroubleshoot kernel: 3.3.0-5.fc17.i686 time: Thu 29 Mar 2012 07:38:10 PM CEST description: :SELinux is preventing nspluginviewer from 'create' accesses on the file paypalLSO.sxx. : :***** Plugin catchall (100. confidence) suggests *************************** : :If you believe that nspluginviewer should be allowed create access on the paypalLSO.sxx file by default. :Then you should report this as a bug. :You can generate a local policy module to allow this access. :Do :allow this access for now by executing: :# grep nspluginviewer /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c : 0.c1023 :Target Context unconfined_u:object_r:user_home_t:s0 :Target Objects paypalLSO.sxx [ file ] :Source nspluginviewer :Source Path nspluginviewer :Port <Unknown> :Host (removed) :Source RPM Packages :Target RPM Packages :Policy RPM selinux-policy-3.10.0-106.fc17.noarch :Selinux Enabled True :Policy Type targeted :Enforcing Mode Enforcing :Host Name (removed) :Platform Linux (removed) 3.3.0-5.fc17.i686 #1 SMP Fri Mar : 23 20:52:57 UTC 2012 i686 i686 :Alert Count 20 :First Seen Thu 22 Mar 2012 04:06:40 PM CET :Last Seen Thu 29 Mar 2012 07:36:55 PM CEST :Local ID c1fe1aa7-87c1-429d-8fcb-3b3431734918 : :Raw Audit Messages :type=AVC msg=audit(1333042615.35:103): avc: denied { create } for pid=2329 comm="plugin-containe" name="paypalLSO.sxx" scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file : : :Hash: nspluginviewer,mozilla_plugin_t,user_home_t,file,create : :audit2allowunable to open /sys/fs/selinux/policy: Permission denied : : :audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied : :
Do you know where it attempted to create this file? paypalLSO.sxx What were you doing when this happened?
I received this report when I logged in to PayPal account. I have no idea how to find what the location of the file is. Reproduced using Firefox with Adobe Flash installed, on KDE desktop.
Can you execute as root # auditctl -w /etc/shadow Generate the AVC again. The grab the output of # ausearch -m avc -ts recent
# ausearch -m avc -ts recent ---- time->Thu Mar 29 20:13:16 2012 type=AVC msg=audit(1333044796.212:135): avc: denied { create } for pid=2329 comm="plugin-containe" name="paypalLSO.sxx" scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file ---- time->Thu Mar 29 20:13:29 2012 type=AVC msg=audit(1333044809.616:136): avc: denied { create } for pid=2329 comm="plugin-containe" name="paypalLSO.sxx" scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file ---- time->Thu Mar 29 20:13:29 2012 type=AVC msg=audit(1333044809.622:137): avc: denied { create } for pid=2329 comm="plugin-containe" name="paypalLSO.sxx" scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
I just noticed a weird behavior. Firefox is running the whole time. The PayPal website was closed immediately after I generated the AVC. Many minutes later, when I closed the terminal in which I run ausearch, I received the same report again... By the way, I am not even sure now, if this file should be allowed.
Just out of curiosity could you run restorecon -R -v ~/ To see if anything gets relabeled.
Got over 1000 lines of output. My /home is imported from other, non-SE distribution. The error is no more. In this case, I believe this restorecon should be run during installation of Fedora. Obviously, it did not happen, so this problem emerged.
It is very difficult to do this on an update and since you added the disk, not much we can do.