Antonio Olivares wrote:
>
>
> --- On Thu, 10/2/08, Antonio Olivares <olivares14031(a)yahoo.com> wrote:
>
>> From: Antonio Olivares <olivares14031(a)yahoo.com>
>> Subject: npviever on rawhide: denied avcs
>> To: fedora-selinux-list(a)redhat.com
>> Cc: fedora-test-list(a)redhat.com
>> Date: Thursday, October 2, 2008, 5:21 PM
>> Dear all,
>>
>> Doing a dmesg I see some denied avcs for npviewer
>>
>> I will attach the file, I have not seen setroubleshoot
>> kick in to warn me about these avcs. Has anyone else seen
>> these?
>>
>> Thanks,
>>
>> Antonio
>>
>>
>> --
>> fedora-test-list mailing list
>> fedora-test-list(a)redhat.com
>> To unsubscribe:
>>
https://www.redhat.com/mailman/listinfo/fedora-test-list
>
> Messages were not attached, file too big :(
>
> Here's preview :)
>
> type=1400 audit(1222991578.902:1308): avc: denied { search } for pid=17937
comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847
scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023
tcontext=system_u:object_r:system_dbusd_var_lib_t:s0 tclass=dir
> type=1400 audit(1222991578.902:1309): avc: denied { create } for pid=17937
comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
> type=1400 audit(1222991578.903:1310): avc: denied { create } for pid=17937
comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
> type=1400 audit(1222991578.922:1311): avc: denied { search } for pid=17937
comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847
scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023
tcontext=system_u:object_r:system_dbusd_var_lib_t:s0 tclass=dir
>
>
> Thanks,
>
> Antonio
>
>
>
>
Looks like npviewer is becoming dbus aware. I will allow it to connect
to the dbus server, but I am not sure what service it is trying to
communicate with.