libreport version: 2.0.10 executable: /usr/bin/python2.7 hashmarkername: setroubleshoot kernel: 3.3.4-4.fc17.i686 time: Sex 11 Mai 2012 18:21:53 WEST description: :SELinux is preventing epiphany from 'execmod' accesses on the file /usr/lib/libjavascriptcoregtk-3.0.so.0.13.2. : :***** Plugin allow_execmod (91.4 confidence) suggests ********************** : :If you want to allow epiphany to have execmod access on the libjavascriptcoregtk-3.0.so.0.13.2 file :Then you need to change the label on '/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2' :Do :# semanage fcontext -a -t textrel_shlib_t '/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2' :# restorecon -v '/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2' : :***** Plugin catchall (9.59 confidence) suggests *************************** : :If you believe that epiphany should be allowed execmod access on the libjavascriptcoregtk-3.0.so.0.13.2 file by default. :Then you should report this as a bug. :You can generate a local policy module to allow this access. :Do :allow this access for now by executing: :# grep epiphany /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c : 0.c1023 :Target Context system_u:object_r:lib_t:s0 :Target Objects /usr/lib/libjavascriptcoregtk-3.0.so.0.13.2 [ file : ] :Source epiphany :Source Path epiphany :Port <Desconhecida> :Host (removed) :Source RPM Packages :Target RPM Packages webkitgtk3-1.8.1-1.fc17.i686 :Policy RPM selinux-policy-3.10.0-121.fc17.noarch :Selinux Enabled True :Policy Type targeted :Enforcing Mode Enforcing :Host Name (removed) :Platform Linux jobezone-laptop 3.3.4-4.fc17.i686 #1 SMP Fri : May 4 18:07:55 UTC 2012 i686 i686 :Alert Count 1 :First Seen Sex 11 Mai 2012 18:16:39 WEST :Last Seen Sex 11 Mai 2012 18:16:39 WEST :Local ID 19a4bd2d-9aea-4504-a77a-42758819a540 : :Raw Audit Messages :type=AVC msg=audit(1336756599.709:382): avc: denied { execmod } for pid=8313 comm="epiphany" path="/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2" dev="dm-1" ino=2102113 scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:lib_t:s0 tclass=file : : :Hash: epiphany,mozilla_plugin_t,lib_t,file,execmod : :audit2allowunable to open /sys/fs/selinux/policy: Permission denied : : :audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied : :
:***** Plugin allow_execmod (91.4 confidence) suggests ********************** : :If you want to allow epiphany to have execmod access on the libjavascriptcoregtk-3.0.so.0.13.2 file :Then you need to change the label on '/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2' :Do # semanage fcontext -a -t textrel_shlib_t '/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2' # restorecon -v '/usr/lib/libjavascriptcoregtk-3.0.so.0.13.2'
I read that, but I sent the bug anyway because I thought that this should be allowed by default. If not, should I report it as a bug in epiphany?