Description of problem: SELinux is preventing /usr/lib/xulrunner/plugin-container from 'name_connect' accesses on the tcp_socket . ***** Plugin mozplugger (89.7 confidence) suggests ************************* If you want to use the plugin package Then you must turn off SELinux controls on the Firefox plugins. Do # setsebool unconfined_mozilla_plugin_transition 0 ***** Plugin catchall_boolean (10.0 confidence) suggests ******************* If you want to allow mozilla to plugin can network connect Then you must tell SELinux about this by enabling the 'mozilla_plugin_can_network_connect' boolean. You can read 'None' man page for more details. Do setsebool -P mozilla_plugin_can_network_connect 1 ***** Plugin catchall (1.69 confidence) suggests *************************** If you believe that plugin-container should be allowed name_connect access on the tcp_socket by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep plugin-containe /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c 0.c1023 Target Context system_u:object_r:xserver_port_t:s0 Target Objects [ tcp_socket ] Source plugin-containe Source Path /usr/lib/xulrunner/plugin-container Port 6001 Host (removed) Source RPM Packages xulrunner-22.0-4.fc19.i686 Target RPM Packages Policy RPM selinux-policy-3.12.1-65.fc19.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 3.9.9-302.fc19.i686.PAE #1 SMP Sat Jul 6 13:52:23 UTC 2013 i686 i686 Alert Count 3 First Seen 2013-07-21 09:48:15 EDT Last Seen 2013-07-21 10:25:38 EDT Local ID 7ae06719-92e3-483b-a3e5-c11e6761d597 Raw Audit Messages type=AVC msg=audit(1374416738.293:425): avc: denied { name_connect } for pid=2173 comm="plugin-containe" dest=6001 scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xserver_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1374416738.293:425): arch=i386 syscall=socketcall success=no exit=EACCES a0=3 a1=af7ff060 a2=b5ded700 a3=0 items=0 ppid=1922 pid=2173 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ses=1 tty=(none) comm=plugin-containe exe=/usr/lib/xulrunner/plugin-container subj=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 key=(null) Hash: plugin-containe,mozilla_plugin_t,xserver_port_t,tcp_socket,name_connect Additional info: reporter: libreport-2.1.5 hashmarkername: setroubleshoot kernel: 3.9.9-302.fc19.i686.PAE type: libreport Potential duplicate: bug 744319
I wish to reproduce this one. Are you able to get it again? Does everything work corretly?
Do you have a plugin that is trying to do some X code within firefox?