Description of problem: SELinux is preventing wine-preloader from 'mmap_zero' accesses on the memprotect . ***** Plugin mmap_zero (53.1 confidence) suggests ************************** If você não acredita que o wine-preloader deva precisar mmap memória baixa no kernel. Then você pode estar sob ataque de um hacker, isto é um acesso muito perigoso. Do contate seu administrador de segurança e reporte este problema. ***** Plugin catchall_boolean (42.6 confidence) suggests ******************* If você deseja mmap_low_allowed Then you must tell SELinux about this by enabling the 'mmap_low_allowed' boolean.You can read 'initrc_selinux' man page for more details. Do setsebool -P mmap_low_allowed 1 ***** Plugin catchall (5.76 confidence) suggests *************************** If você acredita que o wine-preloader deva ser permitido acesso de mmap_zero em memprotect por default. Then você precisa reportar este como um erro. Você pode gerar um módulo de política local para permitir este acesso. Do permitir este acesso agora executando: # grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:initrc_t:s0 Target Context system_u:system_r:initrc_t:s0 Target Objects [ memprotect ] Source wine-preloader Source Path wine-preloader Port <Desconhecido> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.10.0-167.fc17.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 3.7.6-102.fc17.x86_64 #1 SMP Mon Feb 4 17:40:25 UTC 2013 x86_64 x86_64 Alert Count 6 First Seen 2013-02-14 19:00:24 BRST Last Seen 2013-02-17 23:47:57 BRT Local ID b0123ed1-a677-4f74-b8f0-b1d683a88aed Raw Audit Messages type=AVC msg=audit(1361155677.770:74): avc: denied { mmap_zero } for pid=1605 comm="wine-preloader" scontext=system_u:system_r:initrc_t:s0 tcontext=system_u:system_r:initrc_t:s0 tclass=memprotect Hash: wine-preloader,initrc_t,initrc_t,memprotect,mmap_zero audit2allow #============= initrc_t ============== #!!!! This avc can be allowed using the boolean 'mmap_low_allowed' allow initrc_t self:memprotect mmap_zero; audit2allow -R #============= initrc_t ============== #!!!! This avc can be allowed using the boolean 'mmap_low_allowed' allow initrc_t self:memprotect mmap_zero; Additional info: hashmarkername: setroubleshoot kernel: 3.7.6-102.fc17.x86_64 type: libreport
*** Bug 912471 has been marked as a duplicate of this bug. ***
i don't know that for what but I thing it's because the team viewer application. Package: (null) OS Release: Fedora release 18 (Spherical Cow)
Did the application work? If yes you can add a dontaudit rule, if no you need to turn on the boolean mmap_low_allowed. grep mmap_zero /var/log/audit/audit.log | audit2allow -DM mymmap semodule -i mymmap.pp or setsebool -P mmap_low_allowed 1
i got the same problem, caused by the daemon teamviewerd i suspect.
Let's do steps from the comment #3.
(In reply to comment #3) > Did the application work? If yes you can add a dontaudit rule, if no you > need to turn on the boolean mmap_low_allowed. > > grep mmap_zero /var/log/audit/audit.log | audit2allow -DM mymmap > semodule -i mymmap.pp > > or > > setsebool -P mmap_low_allowed 1 yes the application work but i can't understand your answer...