Hide Forgot
Description of problem: After a Chrome update. SELinux is preventing /opt/google/chrome/chrome from append, open access on the file /home/benoit/libpeerconnection.log. ***** Plugin restorecon (99.5 confidence) suggests ************************* If vous souhaitez corriger l'étiquette. L'étiquette par défaut de /home/benoit/libpeerconnection.log devrait être user_home_t. Then vous pouvez exécuter restorecon. Do # /sbin/restorecon -v /home/benoit/libpeerconnection.log ***** Plugin catchall (1.49 confidence) suggests *************************** If vous pensez que chrome devrait être autorisé à accéder append open sur libpeerconnection.log file par défaut. Then vous devriez rapporter ceci en tant qu'anomalie. Vous pouvez générer un module de stratégie local pour autoriser cet accès. Do autoriser cet accès pour le moment en exécutant : # grep chrome /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c 0.c1023 Target Context unconfined_u:object_r:user_home_dir_t:s0 Target Objects /home/benoit/libpeerconnection.log [ file ] Source chrome Source Path /opt/google/chrome/chrome Port <Unknown> Host (removed) Source RPM Packages google-chrome-stable-28.0.1500.45-205727.x86_64 Target RPM Packages Policy RPM selinux-policy-3.11.1-97.fc18.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.9.5-201.fc18.x86_64 #1 SMP Tue Jun 11 19:40:51 UTC 2013 x86_64 x86_64 Alert Count 1 First Seen 2013-06-18 13:10:07 CEST Last Seen 2013-06-18 13:10:07 CEST Local ID 9c547359-de7d-453f-8d86-59ee520b856f Raw Audit Messages type=AVC msg=audit(1371553807.830:463): avc: denied { append open } for pid=5708 comm="chrome" path="/home/benoit/libpeerconnection.log" dev="dm-2" ino=12321926 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=file type=SYSCALL msg=audit(1371553807.830:463): arch=x86_64 syscall=open success=no exit=EACCES a0=7f406fe73918 a1=441 a2=1b6 a3=ffffe000 items=0 ppid=0 pid=5708 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=10 tty=(none) comm=chrome exe=/opt/google/chrome/chrome subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null) Hash: chrome,chrome_sandbox_t,user_home_dir_t,file,append,open audit2allow #============= chrome_sandbox_t ============== allow chrome_sandbox_t user_home_dir_t:file { open append }; audit2allow -R require { type chrome_sandbox_t; type user_home_dir_t; class file { open append }; } #============= chrome_sandbox_t ============== allow chrome_sandbox_t user_home_dir_t:file { open append }; Additional info: reporter: libreport-2.1.4 hashmarkername: setroubleshoot kernel: 3.9.5-201.fc18.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 960792 ***
*** Bug 976322 has been marked as a duplicate of this bug. ***