Bug 964651 - SELinux is preventing /opt/google/chrome/chrome-sandbox from 'append' accesses on the unix_stream_socket unix_stream_socket.
SELinux is preventing /opt/google/chrome/chrome-sandbox from 'append' accesse...
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: gdm (Show other bugs)
19
x86_64 Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Ray Strode [halfline]
Fedora Extras Quality Assurance
abrt_hash:770ba94ac05ef47e855dd064b05...
:
: 964654 964655 964656 964657 964666 1028720 1040592 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-05-19 07:40 EDT by vinesh teotia
Modified: 2014-04-02 10:04 EDT (History)
38 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-01-02 17:53:00 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
lsof as root after starting Chrome - gdm login, KDE desktop (5.72 MB, text/plain)
2013-07-10 10:53 EDT, mdeggers
no flags Details
lsof as root after starting Chrome - gdm login,Gnome desktop (5.67 MB, text/plain)
2013-07-10 10:56 EDT, mdeggers
no flags Details
lsof as root after starting Chrome - gdm login, KDE desktop (4.51 MB, text/plain)
2013-07-10 13:36 EDT, mdeggers
no flags Details
lsof as root after starting Chrome - gdm login, Gnome desktop (4.15 MB, text/plain)
2013-07-10 13:37 EDT, mdeggers
no flags Details
/etc/pam.d/password-auth (743 bytes, text/plain)
2013-07-10 13:42 EDT, mdeggers
no flags Details
/etc/pam.d/gdm-password (770 bytes, text/plain)
2013-07-10 13:43 EDT, mdeggers
no flags Details

  None (edit)
Description vinesh teotia 2013-05-19 07:40:32 EDT
Description of problem:
SELinux is preventing /opt/google/chrome/chrome-sandbox from 'append' accesses on the unix_stream_socket unix_stream_socket.

*****  Plugin leaks (86.2 confidence) suggests  ******************************

If you want to ignore chrome-sandbox trying to append access the unix_stream_socket unix_stream_socket, because you believe it should not need this access.
Then you should report this as a bug.  
You can generate a local policy module to dontaudit this access.
Do
# grep /opt/google/chrome/chrome-sandbox /var/log/audit/audit.log | audit2allow -D -M mypol
# semodule -i mypol.pp

*****  Plugin catchall (14.7 confidence) suggests  ***************************

If you believe that chrome-sandbox should be allowed append access on the unix_stream_socket unix_stream_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep chrome-sandbox /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c
                              0.c1023
Target Context                system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Objects                unix_stream_socket [ unix_stream_socket ]
Source                        chrome-sandbox
Source Path                   /opt/google/chrome/chrome-sandbox
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           google-chrome-stable-26.0.1410.63-192696.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.12.1-44.fc19.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Permissive
Host Name                     (removed)
Platform                      Linux (removed) 3.9.0-301.fc19.x86_64 #1 SMP Mon
                              Apr 29 13:44:05 UTC 2013 x86_64 x86_64
Alert Count                   74
First Seen                    2013-05-10 18:49:54 IST
Last Seen                     2013-05-19 17:07:42 IST
Local ID                      2406e2b5-c95b-4f67-a887-bd070861df58

Raw Audit Messages
type=AVC msg=audit(1368963462.231:611): avc:  denied  { append } for  pid=7788 comm="chrome-sandbox" path="socket:[27786]" dev="sockfs" ino=27786 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=unix_stream_socket


type=SYSCALL msg=audit(1368963462.231:611): arch=x86_64 syscall=execve success=yes exit=0 a0=7f7db6315558 a1=456af874e10 a2=7f7db633ea80 a3=7f7db0358080 items=0 ppid=2585 pid=7788 auid=1000 uid=1000 gid=1000 euid=0 suid=0 fsuid=0 egid=1000 sgid=1000 fsgid=1000 ses=1 tty=(none) comm=chrome-sandbox exe=/opt/google/chrome/chrome-sandbox subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)

Hash: chrome-sandbox,chrome_sandbox_t,xdm_t,unix_stream_socket,append

audit2allow

#============= chrome_sandbox_t ==============
allow chrome_sandbox_t xdm_t:unix_stream_socket append;

audit2allow -RYou must regenerate interface info by running /usr/bin/sepolgen-ifgen


Additional info:
reporter:       libreport-2.1.4
hashmarkername: setroubleshoot
kernel:         3.9.0-301.fc19.x86_64
type:           libreport
Comment 1 Daniel Walsh 2013-05-22 14:41:22 EDT
This looks like you are currently logged in as xdm_t?  Is this correct?

In a terminal window what does "id -Z" show.

What login program are you using?
Comment 2 Daniel Walsh 2013-05-22 14:46:03 EDT
*** Bug 964654 has been marked as a duplicate of this bug. ***
Comment 3 Daniel Walsh 2013-05-22 14:46:22 EDT
*** Bug 964655 has been marked as a duplicate of this bug. ***
Comment 4 Daniel Walsh 2013-05-22 14:46:33 EDT
*** Bug 964656 has been marked as a duplicate of this bug. ***
Comment 5 Daniel Walsh 2013-05-22 14:46:48 EDT
*** Bug 964657 has been marked as a duplicate of this bug. ***
Comment 6 Daniel Walsh 2013-05-22 14:47:04 EDT
*** Bug 964666 has been marked as a duplicate of this bug. ***
Comment 7 Paul Dugas 2013-06-11 16:04:55 EDT
Just installed Fedora 19 x86_64 on a test machine and got exactly the same SELinux alert.  I was logged in as me, not xdm_t.

$ id -a
uid=1000(test) gid=1000(test) groups=1000(test),10(wheel) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

I'd previously gotten another alert:

SELinux is preventing /opt/google/chrome/chrome from getattr access on the unix_stream_socket unix_stream_socket.

I can post the details of that one if it's of interest.
Comment 8 Miroslav Grepl 2013-06-13 08:43:48 EDT
(In reply to Paul Dugas from comment #7)
> Just installed Fedora 19 x86_64 on a test machine and got exactly the same
> SELinux alert.  I was logged in as me, not xdm_t.
> 
> $ id -a
> uid=1000(test) gid=1000(test) groups=1000(test),10(wheel)
> context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> 
> I'd previously gotten another alert:
> 
> SELinux is preventing /opt/google/chrome/chrome from getattr access on the
> unix_stream_socket unix_stream_socket.
> 
> I can post the details of that one if it's of interest.

Yes, please. Thank you.
Comment 9 Frederik 2013-06-20 05:04:01 EDT
Description of problem:
every time I use chrome

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.9.6-301.fc19.x86_64
type:           libreport
Comment 10 Daniel Walsh 2013-06-20 14:43:17 EDT
Please append the AVC messages.
Comment 11 Steven Stern 2013-07-02 16:25:41 EDT
Description of problem:
Fedora 19, updated from F18.

Started Chrome

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.9.8-300.fc19.x86_64
type:           libreport
Comment 12 Steven Stern 2013-07-02 16:26:11 EDT
Description of problem:
started Chrome on F19

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.9.8-300.fc19.x86_64
type:           libreport
Comment 13 Ed Greshko 2013-07-02 19:48:52 EDT
Just a bit of potentially irrelevant information.....

Running F19, fedup'ed from F18, in a VM (64bit)

google-chrome-stable-28.0.1500.70-209565.x86_64

[egreshko@f18x ~]$ uname -r
3.9.8-300.fc19.x86_64

And I do not get that AVC.
Comment 14 HoraciodSouza 2013-07-08 01:33:48 EDT
Description of problem:
Acabei de instalar o Fedora 19, estou usando o EasyLive para instalar pacote automaticamente. E derepente aparece esta mensagen de bug. Estou com o Firefox 22 aberto, Naltilus, terminal, e esta janela relatando o bug.
Sou grade fá do Fedora, ele é muito bom.
Obrigado

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.9.9-301.fc19.i686
type:           libreport
Comment 15 mdeggers 2013-07-09 00:34:36 EDT
Description of problem:
Just running Chrome is enough to trigger this problem. Also, one cannot create a local policy file following the troubleshooter guide. Here's the output:

[root@trident Security]# grep chrome /var/log/audit/audit.log | audit2allow -M chrome
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i chrome.pp

[root@trident Security]# semodule -i chrome.pp
libsepol.print_missing_requirements: chrome's global requirements were not met: type/attribute chrome_sandbox_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory).
semodule:  Failed!

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.9.9-301.fc19.x86_64
type:           libreport
Comment 16 Daniel Walsh 2013-07-09 16:56:42 EDT
grep chrome /var/log/audit/audit.log | audit2allow -M mychrome
semodule -i mychrome.pp
Comment 17 Daniel Walsh 2013-07-09 16:58:16 EDT
What login program are you using?  gdm?
Comment 18 mdeggers 2013-07-09 17:06:18 EDT
(In reply to Daniel Walsh from comment #17)
> What login program are you using?  gdm?

Yes, and the mission-control SELinux messages are back as well.
Comment 19 mdeggers 2013-07-09 17:07:08 EDT
(In reply to Daniel Walsh from comment #16)
> grep chrome /var/log/audit/audit.log | audit2allow -M mychrome
> semodule -i mychrome.pp

Thanks, that did the trick (at least the local policy is added).
Comment 20 Daniel Walsh 2013-07-09 17:09:57 EDT
Looks like gdm is leaking a unix_stream_socket into the user session.
Comment 21 Ray Strode [halfline] 2013-07-10 08:46:19 EDT
can you run lsof as root after starting chrome and attach it here?
Comment 22 mdeggers 2013-07-10 10:53:49 EDT
Created attachment 771687 [details]
lsof as root after starting Chrome - gdm login, KDE desktop

lsof captured from a KDE session via script. It has been edited to remove the control characters.
Comment 23 mdeggers 2013-07-10 10:56:38 EDT
Created attachment 771688 [details]
lsof as root after starting Chrome - gdm login,Gnome desktop

lsof captured via script. The output was edited to remove control characters.
Comment 24 Ray Strode [halfline] 2013-07-10 12:56:35 EDT
so chrome-sandbox has 4 sockets:

chrome-sa     1u     unix 0xffff88022f208000          0t0     299256 socket
chrome-sa     2u     unix 0xffff88022f208000          0t0     299256 socket
chrome-sa     3u     unix 0xffff88022f118000          0t0     303717 socket
chrome-sa     5u     unix 0xffff88022f118340          0t0     303713 socket

If it's leaked, it's going to be the top one. running this:

$ cat /tmp/foo |grep 0xffff88022f208000 |grep -iv chrome

I see that the socket is present in a bunch of processes including startkde. But it's not in gdm-session-worker (the thing that spawns the session), so i'm really not sure. maybe some pam module?

Did you log in with a password or fingerprint? if password, can you attach
/etc/pam.d/password-auth and /etc/pam.d/gdm-password ?

and if fingerprint /etc/pam.d/finger-print-auth and /etc/pam.d/gdm-fingerprint would be good.
Comment 25 mdeggers 2013-07-10 13:12:45 EDT
(In reply to Ray Strode [halfline] from comment #24)
> so chrome-sandbox has 4 sockets:
> 
> chrome-sa     1u     unix 0xffff88022f208000          0t0     299256 socket
> chrome-sa     2u     unix 0xffff88022f208000          0t0     299256 socket
> chrome-sa     3u     unix 0xffff88022f118000          0t0     303717 socket
> chrome-sa     5u     unix 0xffff88022f118340          0t0     303713 socket
> 
> If it's leaked, it's going to be the top one. running this:
> 
> $ cat /tmp/foo |grep 0xffff88022f208000 |grep -iv chrome
> 
> I see that the socket is present in a bunch of processes including startkde.
> But it's not in gdm-session-worker (the thing that spawns the session), so
> i'm really not sure. maybe some pam module?
> 
> Did you log in with a password or fingerprint? if password, can you attach
> /etc/pam.d/password-auth and /etc/pam.d/gdm-password ?
> 
> and if fingerprint /etc/pam.d/finger-print-auth and
> /etc/pam.d/gdm-fingerprint would be good.

Sigh, I see I didn't completely clean up after the upgrade. Although this just recently started, I should probably do the following:

1. Merge the following:

fingerprint-auth.rpmnew
postlogin.rpmnew
system-auth.rpmnew
password-auth.rpmnew
smartcard-auth.rpmnew

2. Recreate the lsof output

Since I've not made changes from the stock configuration, this should be fairly straightforward.

I do use a password (this laptop does not have a fingerprint reader).

I'll do that shortly, as well as attach password-auth and gdm-password.
Comment 26 mdeggers 2013-07-10 13:36:02 EDT
Created attachment 771752 [details]
lsof as root after starting Chrome - gdm login, KDE desktop

This is after merging all .rpmnew files in /etc/pam.d
Comment 27 mdeggers 2013-07-10 13:37:56 EDT
Created attachment 771753 [details]
lsof as root after starting Chrome - gdm login, Gnome desktop

This is after the merge of all .rpmnew files in /etc/pam.d
Comment 28 mdeggers 2013-07-10 13:42:16 EDT
Created attachment 771755 [details]
/etc/pam.d/password-auth
Comment 29 mdeggers 2013-07-10 13:43:11 EDT
Created attachment 771756 [details]
/etc/pam.d/gdm-password
Comment 30 Steven Stern 2013-07-12 18:34:41 EDT
Description of problem:
Opened a folder

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.9.9-301.fc19.x86_64
type:           libreport
Comment 31 Kamil Páral 2013-07-30 17:31:33 EDT
Description of problem:
I guess Nautilus was trying to create a thumbnail of my video file that was just being downloaded.

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.10.3-300.fc19.x86_64
type:           libreport
Comment 32 Rohit 2013-08-04 02:30:57 EDT
Description of problem:
Started Chrome

Additional info:
reporter:       libreport-2.1.5
hashmarkername: setroubleshoot
kernel:         3.10.4-300.fc19.x86_64
type:           libreport
Comment 33 Steven Stern 2013-08-20 15:07:29 EDT
Description of problem:
Opened a folder with PDF files in it ... in ~/Dropbox

Additional info:
reporter:       libreport-2.1.6
hashmarkername: setroubleshoot
kernel:         3.10.7-200.fc19.x86_64
type:           libreport
Comment 34 Miroslav Grepl 2013-11-11 07:37:34 EST
*** Bug 1028720 has been marked as a duplicate of this bug. ***
Comment 35 Alberto Passariello 2013-12-26 07:24:23 EST
Description of problem:
Scanning an exfat sdcard containing directories with mp3 files 

Additional info:
reporter:       libreport-2.1.10
hashmarkername: setroubleshoot
kernel:         3.12.5-302.fc20.x86_64
type:           libreport
Comment 36 Daniel Walsh 2014-01-02 14:36:27 EST
Can someone give me the output of id -Z in a terminal window?
Comment 37 Mikhail 2014-01-02 14:47:59 EST
# id -Z
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
Comment 38 Daniel Walsh 2014-01-02 17:14:19 EST
And Mikhail are you seeing this problem?
Comment 39 Mikhail 2014-01-02 17:22:10 EST
(In reply to Daniel Walsh from comment #38)
> And Mikhail are you seeing this problem?
at current time, no
Comment 40 Steven Stern 2014-01-02 17:32:41 EST
The problem went away a long time ago
Comment 41 Miroslav Grepl 2014-01-07 13:00:47 EST
*** Bug 1040592 has been marked as a duplicate of this bug. ***
Comment 42 mcnelson 2014-02-15 20:33:06 EST
Should not be marked as closed.  I just now encountered the bug (in the totem thumbnail viewer program) after a full update.
Comment 43 Daniel Walsh 2014-02-17 15:05:08 EST
Could you attach the AVC's you are now getting?
Comment 44 mcnelson 2014-02-23 23:50:36 EST
(In reply to Daniel Walsh from comment #43)
> Could you attach the AVC's you are now getting?

Here is the text from "Notify Admin"

SELinux is preventing /usr/bin/totem-video-thumbnailer from connectto access on the unix_stream_socket @/tmp/dbus-Vt5LVEeu4E.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that totem-video-thumbnailer should be allowed connectto access on the dbus-Vt5LVEeu4E unix_stream_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep totem-video-thu /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Context system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Objects @/tmp/dbus-Vt5LVEeu4E [ unix_stream_socket ]
Source totem-video-thu
Source Path /usr/bin/totem-video-thumbnailer
Port <Unknown>
Host tattie
Source RPM Packages totem-3.10.1-1.fc20.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.12.1-106.fc20.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name tattie
Platform Linux tattie 3.12.6-300.fc20.x86_64 #1 SMP Mon Dec
23 16:44:31 UTC 2013 x86_64 x86_64
Alert Count 2
First Seen 2014-02-15 20:12:41 EST
Last Seen 2014-02-23 23:46:51 EST
Local ID c4c3ad4d-f90a-48b4-8724-ff4637f8221e

Raw Audit Messages
type=AVC msg=audit(1393217211.147:529): avc: denied { connectto } for pid=2042 comm="totem-video-thu" path=002F746D702F646275732D5674354C564565753445 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=unix_stream_socket


type=SYSCALL msg=audit(1393217211.147:529): arch=x86_64 syscall=connect success=no exit=EACCES a0=3 a1=7fffb42fdad0 a2=17 a3=0 items=0 ppid=1850 pid=2042 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=1 tty=(none) comm=totem-video-thu exe=/usr/bin/totem-video-thumbnailer subj=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 key=(null)

Hash: totem-video-thu,thumb_t,xdm_t,unix_stream_socket,connectto
Comment 45 mcnelson 2014-02-23 23:52:05 EST
Apologies for the delay.  It is intermittent.
Comment 46 Miroslav Grepl 2014-02-24 04:10:40 EST
(In reply to mcnelson from comment #45)
> Apologies for the delay.  It is intermittent.

Could you open a new bug for f20 release. This bug is about f19.
Comment 47 mcnelson 2014-03-05 09:29:49 EST
The  bug report was generated on a F20 machine.  The bug report tool determined it is a duplicate of this F19 bug.

So, you have another bug. 

I do not know how to manually get around that error in you bug reporting tool, and unfortunately, my schedule at this moment does not allow me to take time away from other tasks to learn about it.

If you fix your bug reporting tool, I am happy to report the bug again when it comes up.  And, it does it come up regularly on machines that are powered off and on.
Comment 48 Tommy He 2014-03-07 19:55:58 EST
I encountered this bug on Fedora 20 with totem-video-thumbnailer. There isn't much info reported in SETroublershooter, strangely. Only this:

SELinux is preventing /usr/bin/totem-video-thumbnailer from connectto access on the unix_stream_socket .

And I'm using MATE with lightdm, not gdm.

selinux-policy-targeted-3.12.1-127.fc20.noarch
lightdm-1.8.5-2.fc20.x86_64
totem-3.10.1-1.fc20.x86_64
Comment 49 Brian J. Murrell 2014-04-02 10:03:36 EDT
I got this bug on F20.  Can we please have it reopened and the Version: set to 20 since it's still happening?
Comment 50 Brian J. Murrell 2014-04-02 10:04:45 EDT
SELinux is preventing /usr/bin/totem-video-thumbnailer from connectto access on the unix_stream_socket @/tmp/dbus-bknjsaHcKu.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that totem-video-thumbnailer should be allowed connectto access on the dbus-bknjsaHcKu unix_stream_socket by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep totem-video-thu /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Context                system_u:system_r:xdm_t:s0-s0:c0.c1023
Target Objects                @/tmp/dbus-bknjsaHcKu [ unix_stream_socket ]
Source                        totem-video-thu
Source Path                   /usr/bin/totem-video-thumbnailer
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           totem-3.10.1-1.fc20.x86_64
Target RPM Packages           
Policy RPM                    selinux-policy-3.12.1-122.fc20.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux brian-laptop
                              3.13.4-200.fc20.x86_64 #1 SMP Thu Feb 20 23:00:47
                              UTC 2014 x86_64 x86_64
Alert Count                   5
First Seen                    2014-02-25 10:01:17 EST
Last Seen                     2014-03-19 15:03:48 EDT
Local ID                      23da223c-6689-4e21-be71-06be3148ea92

Raw Audit Messages
type=AVC msg=audit(1395255828.29:446): avc:  denied  { connectto } for  pid=2570 comm="totem-video-thu" path=002F746D702F646275732D626B6E6A736148634B75 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=system_u:system_r:xdm_t:s0-s0:c0.c1023 tclass=unix_stream_socket


type=SYSCALL msg=audit(1395255828.29:446): arch=x86_64 syscall=connect success=no exit=EACCES a0=3 a1=7fff8f9b3b00 a2=17 a3=0 items=0 ppid=2266 pid=2570 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 ses=1 tty=(none) comm=totem-video-thu exe=/usr/bin/totem-video-thumbnailer subj=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 key=(null)

Hash: totem-video-thu,thumb_t,xdm_t,unix_stream_socket,connectto

Note You need to log in before you can comment on or make changes to this bug.