Are you running permissive or enforcing? if permissive then it does not block anything, but says it is blocking if enforcing it is blocking something, though it may be a pointless/useless interface feature of some sort that does not matter, and does not really affect functionality. And it might be some sort of sub process that is failing to do something that may or may not matter. On Tue, Apr 13, 2021 at 2:59 PM home user <mattisonw@xxxxxxxxxxx> wrote: > > On 4/13/21 12:48 PM, Roger Heflin wrote: > > I see a lot of /memfd: in lsof it appears to be anonymous files (ie > > temp files). I am going to guess memfd is memory file descriptor, ie > > a temp file created in memory. > > > > Usually they are going to not actually exist anywhere in a fs. And > > generally the app that opens/creates them is the app that is going to > > immediately use it. > > > > if selinux is blocking it I would think it should cause some sort of > > issues with the owner/application using the file. > > > > lsof | grep "/memfd:/.nvidia" will show you the owner of the > > specific file. For the nvidia_drv one it looks like Xorg (on my > > system, may Wayland if you are using that) opens it. > > I've attached the output of "lsof | grep "/memfd:/.nvidia"". When I ran > that, caja, a terminal, and xeyes were running. > > > On mine in lsof I have hundreds using the .nvidia_drv.XXXXXX one and > > all have the same node in lsof so all are the same object, probably > > created by the display owner. > > > > It may be that caja itself is not granted the proper selinux > > permissions to use that resource and is hence getting the error. Ie > > the error may not be that the file is missing options but that the > > application is not allowed access to the file. > > When I ran the renames and deletes in caja, they all worked properly > even though I received the SELinux alerts in some cases. Would that > have been so if caja was lacking SELinux permissions? > > > you might try the restorecon against the caja executable itself > > > > On Tue, Apr 13, 2021 at 12:41 PM home user <mattisonw@xxxxxxxxxxx> wrote: > >> > >> [... snip ...] > _______________________________________________ > users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure _______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
