Occasionally when I attempt to print a page from Firefox to a pdf file I get an SELinux alert. SeLinux is in permissive mode on the machine a the moment. From the SELinux Alert Browser I learn (this is the detail report)
Code: Select all
SELinux is preventing 57656220436F6E74656E74 from create access on the file 4B69636B737461727420486F77546F2E706466.
***** Plugin mozplugger (99.1 confidence) suggests ************************
If you want to use the plugin package
Then you must turn off SELinux controls on the Firefox plugins.
Do
# setsebool -P unconfined_mozilla_plugin_transition 0
***** Plugin catchall (1.81 confidence) suggests **************************
If you believe that 57656220436F6E74656E74 should be allowed create access on the 4B69636B737461727420486F77546F2E706466 file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c '57656220436F6E74656E74' --raw | audit2allow -M my-57656220436F6E74656E74
# semodule -i my-57656220436F6E74656E74.pp
Additional Information:
Source Context unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c
0.c1023
Target Context unconfined_u:object_r:user_home_t:s0
Target Objects 4B69636B737461727420486F77546F2E706466 [ file ]
Source 57656220436F6E74656E74
Source Path 57656220436F6E74656E74
Port <Unknown>
Host vmCentOS7Mate
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.13.1-102.el7_3.16.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Permissive
Host Name vmCentOS7Mate
Platform Linux vmCentOS7Mate 3.10.0-514.26.2.el7.x86_64 #1
SMP Tue Jul 4 15:04:05 UTC 2017 x86_64 x86_64
Alert Count 19
First Seen 2017-07-01 08:23:22 EDT
Last Seen 2017-08-16 08:33:52 EDT
Local ID 733ebfe4-268d-4f7d-96e9-62e4079753c5
Raw Audit Messages
type=AVC msg=audit(1502886832.128:284): avc: denied { create } for pid=17161 comm=57656220436F6E74656E74 name=4B69636B737461727420486F77546F2E706466 scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
type=AVC msg=audit(1502886832.128:284): avc: denied { write } for pid=17161 comm=57656220436F6E74656E74 path=2F686F6D652F6B656E2F4465736B746F702F4B69636B737461727420486F77546F2E706466 dev="dm-0" ino=33646271 scontext=unconfined_u:unconfined_r:mozilla_plugin_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file
Hash: 57656220436F6E74656E74,mozilla_plugin_t,user_home_t,file,create
Thanks,
Ken