Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 634556 - missing "map" permissions for mozilla
Summary: missing "map" permissions for mozilla
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: SE Linux Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-17 16:57 UTC by Amadeusz Sławiński
Modified: 2018-10-03 20:52 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
if applications used fonts that may be mapped (0001-if-application-uses-fonts-they-may-be-mapped.patch,1.00 KB, patch)
2017-10-18 10:32 UTC, Amadeusz Sławiński 		Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Amadeusz Sławiński 2017-10-17 16:57:25 UTC 
seems like firefox tries to map files in ~/.fonts if present

[  156.790453] audit: type=1400 audit(1508258300.732:1650): avc:  denied  { map } for  pid=3549 comm=57656220436F6E74656E74 path="/home/amade/.fonts/fonts.dir" dev="dm-0" ino=13376471 scontext=staff_u:staff_r:mozilla_t tcontext=staff_u:object_r:user_fonts_t tclass=file permissive=0
[  156.790512] audit: type=1400 audit(1508258300.732:1651): avc:  denied  { map } for  pid=3549 comm=57656220436F6E74656E74 path="/home/amade/.fonts/unifont-9.0.06.ttf" dev="dm-0" ino=13376470 scontext=staff_u:staff_r:mozilla_t tcontext=staff_u:object_r:user_fonts_t tclass=file permissive=0
[  159.993298] audit: type=1400 audit(1508258303.935:1657): avc:  denied  { map } for  pid=3609 comm=57656220436F6E74656E74 path="/home/amade/.fonts/fonts.dir" dev="dm-0" ino=13376471 scontext=staff_u:staff_r:mozilla_t tcontext=staff_u:object_r:user_fonts_t tclass=file permissive=0
[  175.939426] audit: type=1400 audit(1508258319.881:1665): avc:  denied  { map } for  pid=3650 comm=57656220436F6E74656E74 path="/home/amade/.fonts/fonts.dir" dev="dm-0" ino=13376471 scontext=staff_u:staff_r:mozilla_t tcontext=staff_u:object_r:user_fonts_t tclass=file permissive=0
[  175.939486] audit: type=1400 audit(1508258319.881:1666): avc:  denied  { map } for  pid=3650 comm=57656220436F6E74656E74 path="/home/amade/.fonts/unifont-9.0.06.ttf" dev="dm-0" ino=13376470 scontext=staff_u:staff_r:mozilla_t tcontext=staff_u:object_r:user_fonts_t tclass=file permissive=0
Comment 2 Amadeusz Sławiński 2017-10-18 10:32:11 UTC 
Created attachment 499060 [details, diff]
if applications used fonts that may be mapped

and attach patch for history