Red Hat Bugzilla – Bug 828870
SELinux is preventing /usr/bin/totem-video-thumbnailer from execute access on the file /home/obrieju/.orc/orcexec.bW0JZ4 (deleted).
Last modified: 2012-06-11 09:29:06 EDT
Description of problem: se-applet popped up this error Version-Release number of selected component (if applicable): How reproducible: not sure Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: SELinux is preventing /usr/bin/totem-video-thumbnailer from execute access on the file /home/obrieju/.orc/orcexec.bW0JZ4 (deleted). ***** Plugin catchall (100. confidence) suggests *************************** If you believe that totem-video-thumbnailer should be allowed execute access on the orcexec.bW0JZ4 (deleted) file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep multiqueue0:src /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 Target Context unconfined_u:object_r:gstreamer_home_t:s0 Target Objects /home/obrieju/.orc/orcexec.bW0JZ4 (deleted) [ file ] Source multiqueue0:src Source Path /usr/bin/totem-video-thumbnailer Port <Unknown> Host x60.scs.sem.earlham.edu Source RPM Packages totem-3.4.2-1.fc17.x86_64 Target RPM Packages Policy RPM selinux-policy-3.10.0-128.fc17.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name x60.scs.sem.earlham.edu Platform Linux x60.scs.sem.earlham.edu 3.3.7-1.fc17.x86_64 #1 SMP Mon May 21 22:32:19 UTC 2012 x86_64 x86_64 Alert Count 2 First Seen Tue 05 Jun 2012 09:23:30 AM EDT Last Seen Tue 05 Jun 2012 09:23:30 AM EDT Local ID d60666af-4b60-4d7c-9ca2-3b25e3aaa7d3 Raw Audit Messages type=AVC msg=audit(1338902610.704:105): avc: denied { execute } for pid=3940 comm="multiqueue0:src" path=2F686F6D652F6F627269656A752F2E6F72632F6F7263657865632E6257304A5A34202864656C6574656429 dev="dm-3" ino=133157 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:gstreamer_home_t:s0 tclass=file type=SYSCALL msg=audit(1338902610.704:105): arch=x86_64 syscall=mmap success=no exit=EACCES a0=0 a1=10000 a2=5 a3=1 items=0 ppid=1362 pid=3940 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=2 comm=multiqueue0:src exe=/usr/bin/totem-video-thumbnailer subj=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 key=(null) Hash: multiqueue0:src,thumb_t,gstreamer_home_t,file,execute audit2allowunable to open /sys/fs/selinux/policy: Permission denied audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied
restorecon -R -v /home Should fix. The next selinux-policy we release will do this automatically.
Same error with: totem-3.4.2-1.fc17.x86_64 selinux-policy-3.10.0-129.fc17.noarch selinux-policy-targeted-3.10.0-129.fc17.noarch I tried to reboot with .autorelabel but il did not fix anything. I also tried restorecon -R -v /home but it still have this error.
*** This bug has been marked as a duplicate of bug 827128 ***