FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora SELinux Support

 
 
LinkBack Thread Tools
 
Old 02-19-2012, 07:02 AM
Adrian Sevcenco
 
Default f16 x86_64 :: kwin - execmem

Hi! i have this situation in which kwin (which is strange as the command
reported is firefox) tries to map a memory region as executable and
writable. The advice is to report to bugzilla ..
before doing this, did someone else encountered this?

Thanks,
Adrian

SELinux is preventing /usr/bin/kwin from execmem access on the None .

***** Plugin catchall (100. confidence) suggests
***************************

If you believe that kwin should be allowed execmem access on the
<Unknown> by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep kwin /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Context
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects [ None ]
Source kwin
Source Path /usr/bin/kwin
Port <Unknown>
Host adrian.home
Source RPM Packages firefox-10.0.1-1.fc16.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.10.0-75.fc16.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name adrian.home
Platform Linux adrian.home 3.2.6-3.fc16.x86_64 #1
SMP Mon
Feb 13 20:35:42 UTC 2012 x86_64 x86_64
Alert Count 13
First Seen Sat 18 Feb 2012 02:55:59 PM EET
Last Seen Sun 19 Feb 2012 09:53:32 AM EET
Local ID 5f799950-b58d-4cda-af92-f71bb4d4652c

Raw Audit Messages
type=AVC msg=audit(1329638012.530:69): avc: denied { execmem } for
pid=2360 comm="firefox"
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tclass=processnode=adrian.home type=SYSCALL
msg=audit(1329638012.530:69): arch=c000003e syscall=9 success=yes
exit=140493093380096 a0=0 a1=10000 a2=7 a3=22 items=0 ppid=1634 pid=2360
auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000
sgid=1000 fsgid=1000 tty=(none) ses=1 comm="firefox"
exe="/usr/lib64/firefox/firefox"
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 
Old 02-20-2012, 04:05 PM
Daniel J Walsh
 
Default f16 x86_64 :: kwin - execmem

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/19/2012 03:02 AM, Adrian Sevcenco wrote:
> Hi! i have this situation in which kwin (which is strange as the
> command reported is firefox) tries to map a memory region as
> executable and writable. The advice is to report to bugzilla ..
> before doing this, did someone else encountered this?
>
> Thanks, Adrian
>
> SELinux is preventing /usr/bin/kwin from execmem access on the None
> .
>
> ***** Plugin catchall (100. confidence) suggests
> ***************************
>
> If you believe that kwin should be allowed execmem access on the
> <Unknown> by default. Then you should report this as a bug. You can
> generate a local policy module to allow this access. Do allow this
> access for now by executing: # grep kwin /var/log/audit/audit.log |
> audit2allow -M mypol # semodule -i mypol.pp
>
> Additional Information: Source Context
> unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target
> Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023
> Target Objects [ None ] Source
> kwin Source Path /usr/bin/kwin Port
> <Unknown> Host adrian.home Source RPM
> Packages firefox-10.0.1-1.fc16.x86_64 Target RPM
> Packages Policy RPM
> selinux-policy-3.10.0-75.fc16.noarch Selinux Enabled
> True Policy Type targeted Enforcing Mode
> Permissive Host Name adrian.home Platform
> Linux adrian.home 3.2.6-3.fc16.x86_64 #1 SMP Mon Feb 13 20:35:42
> UTC 2012 x86_64 x86_64 Alert Count 13 First Seen
> Sat 18 Feb 2012 02:55:59 PM EET Last Seen Sun
> 19 Feb 2012 09:53:32 AM EET Local ID
> 5f799950-b58d-4cda-af92-f71bb4d4652c
>
> Raw Audit Messages type=AVC msg=audit(1329638012.530:69): avc:
> denied { execmem } for pid=2360 comm="firefox"
> scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> tclass=processnode=adrian.home type=SYSCALL
> msg=audit(1329638012.530:69): arch=c000003e syscall=9 success=yes
> exit=140493093380096 a0=0 a1=10000 a2=7 a3=22 items=0 ppid=1634
> pid=2360 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000
> egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm="firefox"
> exe="/usr/lib64/firefox/firefox"
> subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> key=(null)
>
>
>
> -- selinux mailing list selinux@lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/selinux

Wow that is strange. I would just turn on the allow_execmem boolean,
which is not on by default in F16.

The kwin problem looks like something went wrong within setroubleshoot.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk9CfWwACgkQrlYvE4MpobNDLgCguADFilSm8b FIO13ZJJWt3wgt
usUAoIs9wy91h0UddaAoYbndZ6qJ1mfO
=2+H7
-----END PGP SIGNATURE-----
--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
 

Thread Tools




All times are GMT. The time now is 03:00 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org