Re: realplayer AVCs

"Tom London" <selinux@xxxxxxxxx> · Mon, 13 Nov 2006 09:32:44 -0800

On 11/13/06, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
Tom London wrote:
> After updating to selinux-policy-targeted-2.4.3-10, I notice the
> following AVCs when starting 'realplayer'.  Realplayer no longer
> works. Didn't notice these before. Don't believe I saw any context
> changes during the update.
>
> type=AVC msg=audit(1163288612.216:22): avc:  denied  { execmem } for
> pid=3365 comm="realplay.bin" scontext=user_u:system_r:unconfined_t:s0
> tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> type=SYSCALL msg=audit(1163288612.216:22): arch=40000003 syscall=192
> per=400000 success=no exit=-13 a0=0 a1=a01000 a2=7 a3=22 items=0
> ppid=3360 pid=3365 auid=500 uid=500 gid=500 euid=500 suid=500
> fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 comm="realplay.bin"
> exe="/usr/local/RealPlayer/realplay.bin"
> subj=user_u:system_r:unconfined_t:s0 key=(null)
> type=AVC msg=audit(1163288612.224:23): avc:  denied  { execmem } for
> pid=3365 comm="realplay.bin" scontext=user_u:system_r:unconfined_t:s0
> tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> type=SYSCALL msg=audit(1163288612.224:23): arch=40000003 syscall=192
> per=400000 success=no exit=-13 a0=0 a1=a01000 a2=7 a3=22 items=0
> ppid=3360 pid=3365 auid=500 uid=500 gid=500 euid=500 suid=500
> fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 comm="realplay.bin"
> exe="/usr/local/RealPlayer/realplay.bin"
> subj=user_u:system_r:unconfined_t:s0 key=(null)
> type=AVC msg=audit(1163288612.224:24): avc:  denied  { execmem } for
> pid=3365 comm="realplay.bin" scontext=user_u:system_r:unconfined_t:s0
> tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> type=SYSCALL msg=audit(1163288612.224:24): arch=40000003 syscall=192
> per=400000 success=no exit=-13 a0=0 a1=a01000 a2=7 a3=22 items=0
> ppid=3360 pid=3365 auid=500 uid=500 gid=500 euid=500 suid=500
> fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 comm="realplay.bin"
> exe="/usr/local/RealPlayer/realplay.bin"
> subj=user_u:system_r:unconfined_t:s0 key=(null)
>
> tom
Did they recently change the location of this file?

grep realplay /etc/selinux/targeted/contexts/files/file_contexts
/usr/local/RealPlay/realplay\.bin       --
system_u:object_r:unconfined_execmem_exec_t:s0

Ah.... mine seems to be installed in /usr/local/RealPlayer.

Perhaps

/usr/local/RealPlay(er)?/realplay\.bin       --
system_u:object_r:unconfined_execmem_exec_t:s0

tom
--
Tom London

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list