npviever on rawhide: denied avcs

drago01 drago01 at gmail.com
Sat Oct 4 16:55:42 UTC 2008 

On Fri, Oct 3, 2008 at 3:11 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Antonio Olivares wrote:
>>
>>
>> --- On Thu, 10/2/08, Antonio Olivares <olivares14031 at yahoo.com> wrote:
>>
>>> From: Antonio Olivares <olivares14031 at yahoo.com>
>>> Subject: npviever on rawhide: denied avcs
>>> To: fedora-selinux-list at redhat.com
>>> Cc: fedora-test-list at redhat.com
>>> Date: Thursday, October 2, 2008, 5:21 PM
>>> Dear all,
>>>
>>> Doing a dmesg I see some denied avcs for npviewer
>>>
>>> I will attach the file,  I have not seen setroubleshoot
>>> kick in to warn me about these avcs.  Has anyone else seen
>>> these?
>>>
>>> Thanks,
>>>
>>> Antonio
>>>
>>>
>>>       --
>>> fedora-test-list mailing list
>>> fedora-test-list at redhat.com
>>> To unsubscribe:
>>> https://www.redhat.com/mailman/listinfo/fedora-test-list
>>
>> Messages were not attached, file too big :(
>>
>> Here's preview :)
>>
>> type=1400 audit(1222991578.902:1308): avc:  denied  { search } for  pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:system_dbusd_var_lib_t:s0 tclass=dir
>> type=1400 audit(1222991578.902:1309): avc:  denied  { create } for  pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
>> type=1400 audit(1222991578.903:1310): avc:  denied  { create } for  pid=17937 comm="npviewer.bin" scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tclass=unix_dgram_socket
>> type=1400 audit(1222991578.922:1311): avc:  denied  { search } for  pid=17937 comm="npviewer.bin" name="dbus" dev=dm-0 ino=3276847 scontext=unconfined_u:unconfined_r:nsplugin_t:s0-s0:c0.c1023 tcontext=system_u:object_r:system_dbusd_var_lib_t:s0 tclass=dir
>>
>>
>> Thanks,
>>
>> Antonio
>>
>>
>>
>>
> Looks like npviewer is becoming dbus aware.  I will allow it to connect
> to the dbus server, but I am not sure what service it is trying to
> communicate with.

the packagekit plugin tryes to connect to daemon?

More information about the fedora-selinux-list mailing list