-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 02/19/2012 03:02 AM, Adrian Sevcenco wrote:
Hi! i have this situation in which kwin (which is strange as the
command reported is firefox) tries to map a memory region as
executable and writable. The advice is to report to bugzilla ..
before doing this, did someone else encountered this?
Thanks, Adrian
SELinux is preventing /usr/bin/kwin from execmem access on the None
.
***** Plugin catchall (100. confidence) suggests
***************************
If you believe that kwin should be allowed execmem access on the
<Unknown> by default. Then you should report this as a bug. You can
generate a local policy module to allow this access. Do allow this
access for now by executing: # grep kwin /var/log/audit/audit.log |
audit2allow -M mypol # semodule -i mypol.pp
Additional Information: Source Context
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target
Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023
Target Objects [ None ] Source
kwin Source Path /usr/bin/kwin Port
<Unknown> Host adrian.home Source RPM
Packages firefox-10.0.1-1.fc16.x86_64 Target RPM
Packages Policy RPM
selinux-policy-3.10.0-75.fc16.noarch Selinux Enabled
True Policy Type targeted Enforcing Mode
Permissive Host Name adrian.home Platform
Linux adrian.home 3.2.6-3.fc16.x86_64 #1 SMP Mon Feb 13 20:35:42
UTC 2012 x86_64 x86_64 Alert Count 13 First Seen
Sat 18 Feb 2012 02:55:59 PM EET Last Seen Sun
19 Feb 2012 09:53:32 AM EET Local ID
5f799950-b58d-4cda-af92-f71bb4d4652c
Raw Audit Messages type=AVC msg=audit(1329638012.530:69): avc:
denied { execmem } for pid=2360 comm="firefox"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=processnode=adrian.home type=SYSCALL
msg=audit(1329638012.530:69): arch=c000003e syscall=9 success=yes
exit=140493093380096 a0=0 a1=10000 a2=7 a3=22 items=0 ppid=1634
pid=2360 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000
egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm="firefox"
exe="/usr/lib64/firefox/firefox"
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
key=(null)
-- selinux mailing list selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
Wow that is strange. I would just turn on the allow_execmem boolean,
which is not on by default in F16.
The kwin problem looks like something went wrong within setroubleshoot.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla -
http://enigmail.mozdev.org/
iEYEARECAAYFAk9CfWwACgkQrlYvE4MpobNDLgCguADFilSm8bFIO13ZJJWt3wgt
usUAoIs9wy91h0UddaAoYbndZ6qJ1mfO
=2+H7
-----END PGP SIGNATURE-----