[tor-bugs] #19349 [- Select a component]: SELinux Fedora 22 Crash
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Jun 8 15:17:57 UTC 2016
#19349: SELinux Fedora 22 Crash
--------------------------------------+-----------------
Reporter: dansemacar | Owner:
Type: defect | Status: new
Priority: Medium | Milestone:
Component: - Select a component | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
--------------------------------------+-----------------
Hi
I opened a new tab while browsing with Tor Browser 6.0.1, when an SELinux
alert popped up, at which point Tor Browser crashed. I'm using 64 bit
Fedora 22 with the Gnome shell.
The "details" of the SELinux error are here:
SELinux is preventing /usr/libexec/abrt-hook-ccpp from getattr access on
the file file.
***** Plugin catchall (100. confidence) suggests
**************************
If you believe that abrt-hook-ccpp should be allowed getattr access on the
file file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep abrt-hook-ccpp /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
Additional Information:
Source Context system_u:system_r:abrt_dump_oops_t:s0
Target Context system_u:object_r:nsfs_t:s0
Target Objects file [ file ]
Source abrt-hook-ccpp
Source Path /usr/libexec/abrt-hook-ccpp
Port <Unknown>
Host localhost.localdomain
Source RPM Packages abrt-addon-coredump-
helper-2.6.1-10.fc22.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-128.28.fc22.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.localdomain
Platform Linux localhost.localdomain
4.4.11-200.fc22.x86_64
#1 SMP Tue May 24 00:20:46 UTC 2016 x86_64
x86_64
Alert Count 3
First Seen 2016-05-28 11:33:42 CEST
Last Seen 2016-06-08 17:07:31 CEST
Local ID 46073432-d621-479e-b8ca-53db3389570a
Raw Audit Messages
type=AVC msg=audit(1465398451.178:624): avc: denied { getattr } for
pid=4513 comm="abrt-hook-ccpp" path="ipc:[4026531839]" dev="nsfs"
ino=4026531839 scontext=system_u:system_r:abrt_dump_oops_t:s0
tcontext=system_u:object_r:nsfs_t:s0 tclass=file permissive=0
type=SYSCALL msg=audit(1465398451.178:624): arch=x86_64 syscall=newfstatat
success=no exit=EACCES a0=5 a1=7fb00f614c2a a2=7fff496a2ea0 a3=0 items=0
ppid=2 pid=4513 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 tty=(none) ses=4294967295 comm=abrt-hook-ccpp
exe=/usr/libexec/abrt-hook-ccpp subj=system_u:system_r:abrt_dump_oops_t:s0
key=(null)
Hash: abrt-hook-ccpp,abrt_dump_oops_t,nsfs_t,file,getattr
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/19349>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list