realplayer AVCs

Tom London selinux at gmail.com
Mon Nov 13 17:32:44 UTC 2006 

On 11/13/06, Daniel J Walsh <dwalsh at redhat.com> wrote:
> Tom London wrote:
> > After updating to selinux-policy-targeted-2.4.3-10, I notice the
> > following AVCs when starting 'realplayer'.  Realplayer no longer
> > works. Didn't notice these before. Don't believe I saw any context
> > changes during the update.
> >
> > type=AVC msg=audit(1163288612.216:22): avc:  denied  { execmem } for
> > pid=3365 comm="realplay.bin" scontext=user_u:system_r:unconfined_t:s0
> > tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> > type=SYSCALL msg=audit(1163288612.216:22): arch=40000003 syscall=192
> > per=400000 success=no exit=-13 a0=0 a1=a01000 a2=7 a3=22 items=0
> > ppid=3360 pid=3365 auid=500 uid=500 gid=500 euid=500 suid=500
> > fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 comm="realplay.bin"
> > exe="/usr/local/RealPlayer/realplay.bin"
> > subj=user_u:system_r:unconfined_t:s0 key=(null)
> > type=AVC msg=audit(1163288612.224:23): avc:  denied  { execmem } for
> > pid=3365 comm="realplay.bin" scontext=user_u:system_r:unconfined_t:s0
> > tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> > type=SYSCALL msg=audit(1163288612.224:23): arch=40000003 syscall=192
> > per=400000 success=no exit=-13 a0=0 a1=a01000 a2=7 a3=22 items=0
> > ppid=3360 pid=3365 auid=500 uid=500 gid=500 euid=500 suid=500
> > fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 comm="realplay.bin"
> > exe="/usr/local/RealPlayer/realplay.bin"
> > subj=user_u:system_r:unconfined_t:s0 key=(null)
> > type=AVC msg=audit(1163288612.224:24): avc:  denied  { execmem } for
> > pid=3365 comm="realplay.bin" scontext=user_u:system_r:unconfined_t:s0
> > tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> > type=SYSCALL msg=audit(1163288612.224:24): arch=40000003 syscall=192
> > per=400000 success=no exit=-13 a0=0 a1=a01000 a2=7 a3=22 items=0
> > ppid=3360 pid=3365 auid=500 uid=500 gid=500 euid=500 suid=500
> > fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 comm="realplay.bin"
> > exe="/usr/local/RealPlayer/realplay.bin"
> > subj=user_u:system_r:unconfined_t:s0 key=(null)
> >
> > tom
> Did they recently change the location of this file?
>
> grep realplay /etc/selinux/targeted/contexts/files/file_contexts
> /usr/local/RealPlay/realplay\.bin       --
> system_u:object_r:unconfined_execmem_exec_t:s0
>
Ah.... mine seems to be installed in /usr/local/RealPlayer.

Perhaps

/usr/local/RealPlay(er)?/realplay\.bin       --
system_u:object_r:unconfined_execmem_exec_t:s0

tom
-- 
Tom London

More information about the fedora-selinux-list mailing list