SElinux denial warning
-
i opened vivaldi-stable and recieved a SElinux warning on desktop. referenced my extensions?:ublock origin and privacy badger and https everywhere. i am unclear if error had an effect on any process. SELinux is preventing vivaldi-stable from create access on the file 63. ***** Plugin catchall (100. confidence) suggests ************************** If you believe that vivaldi-stable should be allowed create access on the 63 file by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # ausearch -c 'vivaldi-stable' --raw | audit2allow -M my-vivaldistable # semodule -X 300 -i my-vivaldistable.pp Additional Information: Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Context unconfined_u:object_r:unconfined_t:s0 Target Objects 63 [ file ] Source vivaldi-stable Source Path vivaldi-stable Port <unknown>Host localhost.localdomain Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-191.14.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name localhost.localdomain Platform Linux localhost.localdomain 4.7.2-201.fc24.x86_64 #1 SMP Fri Aug 26 15:58:40 UTC 2016 x86_64 x86_64 Alert Count 4 First Seen 2016-09-05 12:54:09 EDT Last Seen 2016-09-06 21:52:07 EDT Local ID 3f525a05-a1f5-4064-821f-d08d267d46ef Raw Audit Messages type=AVC msg=audit(1473213127.504:286): avc: denied { create } for pid=16592 comm="vivaldi-stable" name="63" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:unconfined_t:s0 tclass=file permissive=0 Hash: vivaldi-stable,unconfined_t,unconfined_t,file,create</unknown>
-
warning repeated every time after three restarts of the program. problem does not occur in snapshot.
fedora24_64gnome
desktop extensions: freon, system monitor, random walls, netspeed. all from github through gnome-tweak-tool -
occurs in 1.4 version vivaldi-stable
-
Same problem here, also on Fedora 24. My only extensions are Mailvelope, Privacy Badger, and Fedora User Agent.
Running
vivaldi –version
yieldsVivaldi 1.4.589.15
. -
all right, i think i have something to fix the issue. vivaldi-snapshot gave me the selinux today. after i installed the following update, restarted browser i no longer had selinux warning on opening vivaldi:
Last metadata expiration check: 0:00:10 ago on Mon Sep 12 19:37:06 2016.
Dependencies resolved.Package Arch Version Repository Size
Installing:
appstream x86_64 0.9.8-3.fc24 updates 214 k
appstream-qt x86_64 0.9.8-3.fc24 updates 42 k
gpsd-libs x86_64 3.16-2.fc24 fedora 108 k
konsole5 x86_64 16.04.3-1.fc24 updates 152 k
konsole5-part x86_64 16.04.3-1.fc24 updates 418 k
libyaml x86_64 0.1.6-8.fc24 fedora 58 k
plasma-discover x86_64 5.7.4-1.fc24 updates 406 k
plasma-discover-libs x86_64 5.7.4-1.fc24 updates 444 k
plasma-workspace-drkonqi x86_64 5.7.4-2.fc24 updates 808 k
plasma-workspace-geolocation x86_64 5.7.4-2.fc24 updates 68 k
plasma-workspace-geolocation-libs x86_64 5.7.4-2.fc24 updates 37 k
protobuf x86_64 2.6.1-4.fc24 fedora 356 k
qt5-qdbusviewer x86_64 5.6.1-2.fc24 updates 56 k
Upgrading:
breeze-cursor-theme noarch 5.7.4-1.fc24 updates 260 k
dbus-glib x86_64 0.108-1.fc24 updates 122 k
f24-kde-theme-core x86_64 5.7.4-2.fc24 updates 103 k
kactivitymanagerd x86_64 5.7.4-1.fc24 updates 200 k
kde-cli-tools x86_64 5.7.4-1.fc24 updates 652 k
kdecoration x86_64 5.7.4-1.fc24 updates 63 k
kdesu x86_64 1:5.7.4-1.fc24 updates 52 k
khotkeys x86_64 5.7.4-1.fc24 updates 719 k
kmenuedit x86_64 5.7.4-1.fc24 updates 814 k
kscreenlocker x86_64 5.7.4-1.fc24 updates 197 k
kwin x86_64 5.7.4-1.fc24 updates 37 k
kwin-common x86_64 5.7.4-1.fc24 updates 3.0 M
kwin-libs x86_64 5.7.4-1.fc24 updates 1.3 M
kwrited x86_64 5.7.4-1.fc24 updates 32 k
libkscreen-qt5 x86_64 5.7.4-1.fc24 updates 249 k
libksysguard x86_64 5.7.4-1.fc24 updates 696 k
libksysguard-common x86_64 5.7.4-1.fc24 updates 45 k
libkworkspace5 x86_64 5.7.4-2.fc24 updates 89 k
oxygen-sound-theme noarch 5.7.4-1.fc24 updates 1.7 M
plasma-breeze x86_64 5.7.4-1.fc24 updates 356 k
plasma-breeze-common noarch 5.7.4-1.fc24 updates 10 M
plasma-desktop x86_64 5.7.4-1.fc24 updates 5.7 M
plasma-integration x86_64 5.7.4-1.fc24 updates 96 k
plasma-milou x86_64 5.7.4-1.fc24 updates 89 k
plasma-pa x86_64 5.7.4-1.fc24 updates 162 k
plasma-systemsettings x86_64 5.7.4-1.fc24 updates 293 k
plasma-workspace x86_64 5.7.4-2.fc24 updates 6.3 M
plasma-workspace-common x86_64 5.7.4-2.fc24 updates 34 k
plasma-workspace-libs x86_64 5.7.4-2.fc24 updates 1.5 M
polkit-kde x86_64 5.7.4-1.fc24 updates 82 k
powerdevil x86_64 5.7.4-1.fc24 updates 610 k
python3-decorator noarch 4.0.10-3.fc24 updates 26 kTransaction Summary
Install 13 Packages
Upgrade 32 PackagesTotal download size: 38 M
Is this ok [y/N]: y
Downloading Packages: -
That looks like a lot of files for additional desktop environments. Was it one of the KDE or Plasma installs that did it? How did you decide that these were the packages that might help?
Thanks for sharing!
Also, my sys already has dbus-glib, libyaml, and python3-decorator, so it seems unlikely that they solved the problem.
-
gnome desktop, using kde icons through tweak tool. the only application i recognize from kde is skrooge.
-
no idea how that update might be related, but that update and a minute of runtime were only system changes between me receiving warning on browserstartup, and it working properly.
-
-