Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 634558 - missing "map" permissions for accessing mime.cache
Summary: missing "map" permissions for accessing mime.cache
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: SELinux (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: SE Linux Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-10-17 17:04 UTC by Amadeusz Sławiński
Modified: 2018-10-03 20:55 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Amadeusz Sławiński 2017-10-17 17:04:54 UTC 
[  810.789118] audit: type=1400 audit(1508258954.730:1673): avc:  denied  { map } for  pid=3473 comm="firefox" path="/usr/share/mime/mime.cache" dev="dm-0" ino=6295861 scontext=staff_u:staff_r:mozilla_t tcontext=staff_u:object_r:usr_t tclass=file permissive=0

I also see similar thing in policy I work on for claws-mail, seems like some gtk stuff, should probably has it's own label and interface?
If it gets it's own label it would probably be good idea to also add label for /home/$USER/.local/share/mime/mime.cache .