Ahojte SElinux mi vypísal upozornenia neviem čo s tým mám robiť. Dík za pomoc.
1,
SELinux is preventing /usr/lib64/xulrunner/plugin-container from create access on the directory .macromedia.
***** Plugin mozplugger (99.1 confidence) suggests *************************
If you want to use the plugin package
Then you must turn off SELinux controls on the Firefox plugins.
Do
setsebool unconfined_mozilla_plugin_transition 0
***** Plugin catchall (1.81 confidence) suggests ***************************
If you believe that plugin-container should be allowed create access on the .macromedia directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
grep plugin-containe /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp
Additional Information:
Source Context unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c
0.c1023
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects .macromedia [ dir ]
Source plugin-containe
Source Path /usr/lib64/xulrunner/plugin-container
Port <Neznáme>
Host localhost.localdomain
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.12.1-69.fc19.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name steve-comp
Platform Linux steve-comp 3.10.4-300.fc19.x86_64 #1 SMP Tue
Jul 30 11:29:05 UTC 2013 x86_64 x86_64
Alert Count 246
First Seen 2013-08-08 09:42:57 CEST
Last Seen 2013-08-08 11:29:31 CEST
Local ID 5a35f06b-1be9-4d7d-8114-9a3a52b3a263
Raw Audit Messages
type=AVC msg=audit(1375954171.386:1499): avc: denied { create } for pid=10118 comm=“plugin-containe” name=".macromedia" scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=dir
Hash: plugin-containe,mozilla_plugin_t,user_home_dir_t,dir,create
2,
SELinux is preventing /opt/google/chrome/chrome from create access on the file libpeerconnection.log.
***** Plugin chrome (98.5 confidence) suggests *****************************
If you want to use the plugin package
Then you must turn off SELinux controls on the Chrome plugins.
Do
setsebool unconfined_chrome_sandbox_transition 0
***** Plugin catchall (2.46 confidence) suggests ***************************
If you believe that chrome should be allowed create access on the libpeerconnection.log file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
grep chrome /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp
Additional Information:
Source Context unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c
0.c1023
Target Context unconfined_u:object_r:user_home_dir_t:s0
Target Objects libpeerconnection.log [ file ]
Source chrome
Source Path /opt/google/chrome/chrome
Port <Neznáme>
Host localhost.localdomain
Source RPM Packages google-chrome-stable-28.0.1500.95-213514.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.12.1-69.fc19.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name steve-comp
Platform Linux steve-comp 3.10.4-300.fc19.x86_64 #1 SMP Tue
Jul 30 11:29:05 UTC 2013 x86_64 x86_64
Alert Count 4
First Seen 2013-08-08 11:33:36 CEST
Last Seen 2013-08-08 11:38:34 CEST
Local ID 098f9ab7-bf87-429e-b1d3-cd7eab2dac7d
Raw Audit Messages
type=AVC msg=audit(1375954714.842:1572): avc: denied { create } for pid=15403 comm=“chrome” name=“libpeerconnection.log” scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=file
type=SYSCALL msg=audit(1375954714.842:1572): arch=x86_64 syscall=open success=no exit=EACCES a0=7f76d3cd2dc8 a1=441 a2=1b6 a3=0 items=0 ppid=0 pid=15403 auid=1001 uid=1001 gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 ses=8 tty=(none) comm=chrome exe=/opt/google/chrome/chrome subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)
Hash: chrome,chrome_sandbox_t,user_home_dir_t,file,create