setroubleshooter not filing bugs, is there another way

Daniel J Walsh dwalsh at redhat.com
Tue Aug 18 17:17:09 UTC 2009 

On 08/18/2009 08:33 AM, Antonio Olivares wrote:
> Mohammed,
> 
> Thank you very much for your advice.  It also works and it gives all the denied avcs :)
> 
>>  You can try searching you audit by using this
>> command:
>>
>>  ausearch -m avc
>>
>> for today's denial messages : ausearch -m avc -ts
>> today
>>
>>  
> 
> [root at localhost ~]# ausearch -m avc -ts today
> ----
> time->Tue Aug 18 07:25:56 2009
> type=SYSCALL msg=audit(1250598356.895:28): arch=40000003 syscall=90 success=no exit=-13 a0=bff8b0c0 a1=0 a2=bff8b0c0 a3=5a items=0 ppid=1479 pid=1840 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598356.895:28): avc:  denied  { mmap_zero } for  pid=1840 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:57 2009
> type=SYSCALL msg=audit(1250598357.702:29): arch=40000003 syscall=90 success=no exit=-13 a0=bfe7d630 a1=0 a2=bfe7d630 a3=5a items=0 ppid=1 pid=1848 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598357.702:29): avc:  denied  { mmap_zero } for  pid=1848 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:57 2009
> type=SYSCALL msg=audit(1250598357.812:30): arch=40000003 syscall=192 success=no exit=-13 a0=0 a1=110000 a2=0 a3=32 items=0 ppid=1 pid=1848 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wineboot.exe" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598357.812:30): avc:  denied  { mmap_zero } for  pid=1848 comm="wineboot.exe" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:57 2009
> type=SYSCALL msg=audit(1250598357.889:31): arch=40000003 syscall=90 success=no exit=-13 a0=bff8ad80 a1=0 a2=bff8ad80 a3=5a items=0 ppid=1848 pid=1849 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598357.889:31): avc:  denied  { mmap_zero } for  pid=1849 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:57 2009
> type=SYSCALL msg=audit(1250598357.937:32): arch=40000003 syscall=90 success=no exit=-13 a0=bf9c5880 a1=0 a2=bf9c5880 a3=5a items=0 ppid=1848 pid=1850 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598357.937:32): avc:  denied  { mmap_zero } for  pid=1850 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:58 2009
> type=SYSCALL msg=audit(1250598358.059:33): arch=40000003 syscall=192 success=no exit=-13 a0=0 a1=110000 a2=0 a3=32 items=0 ppid=1848 pid=1850 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="services.exe" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598358.059:33): avc:  denied  { mmap_zero } for  pid=1850 comm="services.exe" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:58 2009
> type=SYSCALL msg=audit(1250598358.696:34): arch=40000003 syscall=192 success=no exit=-13 a0=0 a1=110000 a2=0 a3=32 items=0 ppid=1 pid=1849 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="winemenubuilder" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598358.696:34): avc:  denied  { mmap_zero } for  pid=1849 comm="winemenubuilder" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:25:59 2009
> type=SYSCALL msg=audit(1250598359.058:35): arch=40000003 syscall=192 success=no exit=-13 a0=0 a1=110000 a2=0 a3=32 items=0 ppid=1479 pid=1840 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="Emu48.exe" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598359.058:35): avc:  denied  { mmap_zero } for  pid=1840 comm="Emu48.exe" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:26:03 2009
> type=SYSCALL msg=audit(1250598363.514:36): arch=40000003 syscall=90 success=no exit=-13 a0=bfa73ab0 a1=0 a2=bfa73ab0 a3=5a items=0 ppid=1 pid=1861 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="wine-preloader" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598363.514:36): avc:  denied  { mmap_zero } for  pid=1861 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> ----
> time->Tue Aug 18 07:26:03 2009
> type=SYSCALL msg=audit(1250598363.591:37): arch=40000003 syscall=192 success=no exit=-13 a0=0 a1=110000 a2=0 a3=32 items=0 ppid=1 pid=1861 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="explorer.exe" exe="/usr/bin/wine-preloader" subj=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 key=(null)
> type=AVC msg=audit(1250598363.591:37): avc:  denied  { mmap_zero } for  pid=1861 comm="explorer.exe" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
> 
> 
> Regards,
> 
> Antonio
> 
> 
>       
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
And if you run this output through audit2allow -w in rawhide, you will get the following.

type=AVC msg=audit(1250598356.895:28): avc:  denied  { mmap_zero } for  pid=1840 comm="wine-preloader" scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect 

	Was caused by:
	The boolean mmap_low_allowed was set incorrectly. 
	Description:
	Allow certain domains to map low memory in the kernel

	Allow access by executing:
	# setsebool -P mmap_low_allowed 1

Sadly this is not what setroubleshoot told you.  I will fix setroubleshoot to give this suggestion.

More information about the fedora-selinux-list mailing list