Hi All;
I'm running Fedora 23 KDE Spin, After a recent firefox update (I'm now at Firefox 46.0.1) I've been getting these SELINUX alerts:
The source process: 57656220436F6E74656E74 Attempted this access: create On this rawip_socket:
The alert gives me 2 choices:
1) If I want to use the plugin package:
you must turn off SELinux controls on the Firefox plugins. # setsebool -P unconfined_mozilla_plugin_transition 0
2) If I believe that 57656220436F6E74656E74 should be allowed to create access on the Unknown rawip_socket by default:
You should report this as a bug. You can generate a local policy module to allow this access. Allow this access for now by executing: # ausearch -c 57656220436F6E74656E74 --raw | audit2allow -M mypol # semodule -i mypol.pp
If I click on "Plugin Details" I get this:
SELinux is preventing 57656220436F6E74656E74 from create access on the rawip_socket Unknown.
Plugin: catchall you want to allow 57656220436F6E74656E74 to have create access on the Unknown rawip_socketIf you believe that 57656220436F6E74656E74 should be allowed create access on the Unknown rawip_socket by default. You should report this as a bug. You can generate a local policy module to allow this access. Allow this access for now by executing: # ausearch -c 57656220436F6E74656E74 --raw | audit2allow -M mypol # semodule -i mypol.pp
Thoughts? Is this a bug? Should I run the setsebool command to allow access?
Thanks in advance