Additional info: libreport version: 2.0.13 kernel: 3.5.4-1.fc17.x86_64 description: :SELinux is preventing /usr/lib64/nspluginwrapper/plugin-config from read, write access on the fifo_file /tmp/AtiXUEvent0000262a_018dc170. : :***** Plugin leaks (86.2 confidence) suggests ****************************** : :If sie möchten den read write Zugriff von plugin-config,auf AtiXUEvent0000262a_018dc170 fifo_file ignorieren, weil Sie glauben, dass dieser Zugriff nicht benötigt wird. :Then sie sollten dies als Fehler melden. :Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. :Do :# grep /usr/lib64/nspluginwrapper/plugin-config /var/log/audit/audit.log | audit2allow -D -M mypol :# semodule -i mypol.pp : :***** Plugin catchall (14.7 confidence) suggests *************************** : :If sie denken, dass plugin-config standardmässig erlaubt sein sollte, read write Zugriff auf AtiXUEvent0000262a_018dc170 fifo_file zu erhalten. :Then sie sollten dies als Fehler melden. :Um diesen Zugriff zu erlauben, können Sie ein lokales Richtlinien-Modul erstellen. :Do :zugriff jetzt erlauben, indem Sie die nachfolgenden Befehle ausführen: :# grep plugin-config /var/log/audit/audit.log | audit2allow -M mypol :# semodule -i mypol.pp : :Additional Information: :Source Context unconfined_u:unconfined_r:mozilla_plugin_config_t: : s0-s0:c0.c1023 :Target Context unconfined_u:object_r:user_tmp_t:s0 :Target Objects /tmp/AtiXUEvent0000262a_018dc170 [ fifo_file ] :Source plugin-config :Source Path /usr/lib64/nspluginwrapper/plugin-config :Port <Unbekannt> :Host (removed) :Source RPM Packages nspluginwrapper-1.4.4-11.fc17.x86_64 :Target RPM Packages :Policy RPM selinux-policy-3.10.0-149.fc17.noarch :Selinux Enabled True :Policy Type targeted :Enforcing Mode Enforcing :Host Name (removed) :Platform Linux (removed) 3.5.4-1.fc17.x86_64 #1 SMP Mon Sep : 17 15:03:59 UTC 2012 x86_64 x86_64 :Alert Count 3 :First Seen 2012-09-23 13:10:28 CEST :Last Seen 2012-09-23 13:10:28 CEST :Local ID 55af39df-c8ac-4668-be1a-a58f7ea09680 : :Raw Audit Messages :type=AVC msg=audit(1348398628.524:1047): avc: denied { read write } for pid=9927 comm="plugin-config" path="/tmp/AtiXUEvent0000262a_018dc170" dev="sdc4" ino=53346592 scontext=unconfined_u:unconfined_r:mozilla_plugin_config_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file : : :type=AVC msg=audit(1348398628.524:1047): avc: denied { read write } for pid=9927 comm="plugin-config" path="/tmp/AtiXUEvent0000262a_01b4e7e0" dev="sdc4" ino=53346596 scontext=unconfined_u:unconfined_r:mozilla_plugin_config_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=fifo_file : : :type=SYSCALL msg=audit(1348398628.524:1047): arch=x86_64 syscall=execve success=yes exit=0 a0=23abdf0 a1=23a7b90 a2=23ab470 a3=18 items=0 ppid=9925 pid=9927 auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=2 comm=plugin-config exe=/usr/lib64/nspluginwrapper/plugin-config subj=unconfined_u:unconfined_r:mozilla_plugin_config_t:s0-s0:c0.c1023 key=(null) : :Hash: plugin-config,mozilla_plugin_config_t,user_tmp_t,fifo_file,read,write : :audit2allow : :#============= mozilla_plugin_config_t ============== :allow mozilla_plugin_config_t user_tmp_t:fifo_file { read write }; : :audit2allow -R : :#============= mozilla_plugin_config_t ============== :allow mozilla_plugin_config_t user_tmp_t:fifo_file { read write }; :
Created attachment 616081 [details] File: type
Created attachment 616082 [details] File: hashmarkername
Any idea what you were doing when this happened? Basically I am interested how /tmp/AtiXUEvent0000262a_01b4e7e0 is created.
Looks like a leak. Needs userdom_dontaudit_rw_user_tmp_pipes(mozilla_plugin_config_t)
Added
selinux-policy-3.10.0-153.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/selinux-policy-3.10.0-153.fc17
Package selinux-policy-3.10.0-153.fc17: * should fix your issue, * was pushed to the Fedora 17 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.10.0-153.fc17' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-15652/selinux-policy-3.10.0-153.fc17 then log in and leave karma (feedback).
do not know. i got this error after i loaded fedora Package: (null) OS Release: Fedora release 17 (Beefy Miracle)
selinux-policy-3.10.0-153.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.