1248149 - abrt-hook-ccpp from getattr access on the file

Status: RESOLVED INVALID

(Bugzilla :: Bugzilla-General, defect)

Description

[zabuskii37@hotmail.co.uk]

Attachment: Screenshot at 2016-02-13 15:42:00.png

User Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:44.0) Gecko/20100101 Firefox/44.0
Build ID: 20160208102905

Steps to reproduce:

Used Midori to surf the Web. Installed latest version via Fedora 23 Workstation on Friday 12th February 2016.


Actual results:

*** SELinux AVC Denial ***

SELinux is preventing abrt-hook-ccpp from getattr access on the file.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that abrt-hook-ccpp should be allowed getattr access on the file file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep abrt-hook-ccpp /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:abrt_dump_oops_t:s0
Target Context                system_u:object_r:nsfs_t:s0
Target Objects                file [ file ]
Source                        abrt-hook-ccpp
Source Path                   abrt-hook-ccpp
Port                          <Unknown>
Host                          Unknown-d0-50-99-5a-24-5f-3.home
Source RPM Packages           
Target RPM Packages           
Policy RPM                    selinux-policy-3.13.1-158.4.fc23.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     Unknown-d0-50-99-5a-24-5f-3.home
Platform                      Linux Unknown-d0-50-99-5a-24-5f-3.home
                              4.3.5-300.fc23.x86_64+debug #1 SMP Mon Feb 1
                              03:02:02 UTC 2016 x86_64 x86_64
Alert Count                   5
First Seen                    2016-02-13 14:31:14 GMT
Last Seen                     2016-02-13 15:00:57 GMT
Local ID                      8544c2cf-0b42-4693-b9c0-4f7954f5d3f2

Raw Audit Messages
type=AVC msg=audit(1455375657.526:604): avc:  denied  { getattr } for  pid=4355 comm="abrt-hook-ccpp" path="ipc:[4026531839]" dev="nsfs" ino=4026531839 scontext=system_u:system_r:abrt_dump_oops_t:s0 tcontext=system_u:object_r:nsfs_t:s0 tclass=file permissive=0


Hash: abrt-hook-ccpp,abrt_dump_oops_t,nsfs_t,file,getattr



Expected results:

Midori Web Browser (Installed latest version) via Fedora 23 Workstation on Friday 12th February 2016.  Should be stable.  Not crashing/ shutting down and keep sending me error reports.  A small E-mail window appears to send an E-mail to you (Admin) and the forwarding address is blank.  I have provided what I can. Am new to Linux, as a former Microsoft User.  Please provide an Admin address for reporting future bugs.

Comment 1

[Frédéric Buclin]

You reported this bug against the wrong Bugzilla installation. You should report your bug to https://bugzilla.redhat.com/.