View Issue Details

IDProjectCategoryView StatusLast Update
0015471CentOS-7selinux-policypublic2019-09-27 18:17
Reporterkiranhegde75@gmail.com 
PrioritynormalSeverityminorReproducibilityhave not tried
Status newResolutionopen 
PlatformOSOS Version7
Product Version 
Target VersionFixed in Version 
Summary0015471: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
DescriptionDescription of problem:
after updating using yum4 update on 17/11/2018
SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.

***** Plugin catchall (100. confidence) suggests **************************

If you believe that evince-thumbnailer should be allowed nnp_transition nosuid_transition access on processes labeled thumb_t by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'evince-thumbnai' --raw | audit2allow -M my-evincethumbnai
# semodule -i my-evincethumbnai.pp

Additional Information:
Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
                              023
Target Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Objects Unknown [ process2 ]
Source evince-thumbnai
Source Path /usr/bin/evince-thumbnailer
Port <Unknown>
Host (removed)
Source RPM Packages evince-3.28.2-5.el7.x86_64
Target RPM Packages
Policy RPM selinux-policy-3.13.1-229.el7.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name (removed)
Platform Linux (removed) 3.10.0-957.el7.x86_64 #1 SMP Thu
                              Nov 8 23:39:32 UTC 2018 x86_64 x86_64
Alert Count 13
First Seen 2018-11-18 13:22:26 IST
Last Seen 2018-11-18 13:25:57 IST
Local ID 829eac3c-2433-4738-ac1a-c87c5d0026f3

Raw Audit Messages
type=AVC msg=audit(1542527757.392:612): avc: denied { nnp_transition nosuid_transition } for pid=11933 comm="flatpak-bwrap" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tclass=process2 permissive=0


type=SYSCALL msg=audit(1542527757.392:612): arch=x86_64 syscall=execve success=yes exit=0 a0=7fff60e0268f a1=7fff60e04cc0 a2=25f8160 a3=74616c6c6174736e items=0 ppid=11929 pid=11933 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm=evince-thumbnai exe=/usr/bin/evince-thumbnailer subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)

Hash: evince-thumbnai,unconfined_t,thumb_t,process2,nnp_transition,nosuid_transition

Version-Release number of selected component:
selinux-policy-3.13.1-229.el7.noarch
Additional Informationreporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.el7.x86_64
reproducible: Not sure how to reproduce the problem
type: libreport
TagsNo tags attached.
abrt_hashc265433adeb2d300ea92952f93ce61f46ff3bd12c986d5a54d0db07fc3b74a5b
URL

Activities

jarodez

jarodez

2018-12-12 20:48

reporter   ~0033327

Another user experienced a similar problem:

I happens when i open a PDF File.
I double click on it to open it, and then this bug occurs

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
touister

touister

2018-12-13 20:31

reporter   ~0033332

Another user experienced a similar problem:

Happened when opening nautilus from firefox's "open directory" of downloaded file.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
RTTST

RTTST

2018-12-29 15:29

reporter   ~0033472

Another user experienced a similar problem:

This has started popping up after the most recent CentOS update.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
static2k

static2k

2019-01-04 19:26

reporter   ~0033515

Another user experienced a similar problem:

not sure how it errored it just happened

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
cvdiaconu

cvdiaconu

2019-01-10 21:32

reporter   ~0033563

Another user experienced a similar problem:

When opening a folder containing pdf files in nautilus, which I did not access in a while (I don't know how long).

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
kabattm

kabattm

2019-01-20 14:06

reporter   ~0033644

Another user experienced a similar problem:

I am not sure if any of this caused the issue, but I am trying to install the CIS-CAT Pro application on CentOS 7 (Linux localhost.localdomain 3.10.0-957.1.3.el7.x86_64 #1 SMP Thu Nov 29 14:49:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
). As recommended by CIS, I was following: https://www.digitalocean.com/community/tutorials/how-to-install-apache-tomcat-8-on-centos-7; followed with assistance from: https://www.tecmint.com/install-apache-tomcat-in-centos/.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.6.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
hjs1k

hjs1k

2019-02-03 14:24

reporter   ~0033761

Another user experienced a similar problem:

I don't konw why this situation and in this messange.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.5.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
zainecoto

zainecoto

2019-02-04 20:41

reporter   ~0033774

Another user experienced a similar problem:

it happens when i open a directory containing files of type pdf and sometimes mp4

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.1.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
Danflo77

Danflo77

2019-03-03 18:28

reporter   ~0033934

Another user experienced a similar problem:

Repentinamente, ni siquiera estaba haciendo algo.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.5.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
prasantpradhan821

prasantpradhan821

2019-03-05 15:37

reporter   ~0033940

Another user experienced a similar problem:

Its showing through notifications.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.5.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
rolandihasz

rolandihasz

2019-03-06 09:38

reporter   ~0033946

Another user experienced a similar problem:

Sending in this problem report after a clean system install on VMware fusion Professional Version 10.1.5 (10950653).
This bug report occured immediate after I did a [yum update and system reboot] to bring the OS up to date.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.5.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
rolandihasz

rolandihasz

2019-03-06 10:48

reporter   ~0033949

Here is the screenshot, I just missed to attach to my report.

details.png (135,938 bytes)
details.png (135,938 bytes)
Andreas1302

Andreas1302

2019-03-07 09:26

reporter   ~0033955

Another user experienced a similar problem:

Happend after the installation of MegaRAID Storage Manager from broadcom (MegaRAID_Storage_Manager-17.05.00-02.noarch.rpm)

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.5.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
sethgoldin

sethgoldin

2019-03-18 21:36

reporter   ~0034038

Another user experienced a similar problem:

If I try to open an image from the Files app in GNOME, this occurs.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.5.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
vana

vana

2019-03-25 20:45

reporter   ~0034088

Another user experienced a similar problem:


reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.10.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
Phanikumar

Phanikumar

2019-03-30 16:10

reporter   ~0034132

Another user experienced a similar problem:

SELinux is preventing /usr/bin/evince-thumbnailer from using the 'nnp_transition, nosuid_transition' accesses on a process.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
likhang

likhang

2019-04-12 06:18

reporter   ~0034184

Another user experienced a similar problem:

The problem happened when using Cups-PDF to print a document as a PDF file.
The bug alert poped up only when the PDF file is reported to be "printed".
It can be reproduced when repeating the abovementioned step.

reporter: libreport-2.1.11.1
description: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
hashmarkername: setroubleshoot
kernel: 3.10.0-957.10.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.9.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
type: libreport
iclosecrm

iclosecrm

2019-05-16 17:35

reporter   ~0034475

Another user experienced a similar problem:

Got this opening a folder containing .pdf files

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.12.1.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.12.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
dsburkhart

dsburkhart

2019-05-23 13:50

reporter   ~0034511

Another user experienced a similar problem:

Open file browser window viewing thumbnail.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.12.2.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.12.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
AussManStan

AussManStan

2019-06-16 13:28

reporter   ~0034674

Another user experienced a similar problem:

Received a SELinux Popup.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.21.2.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.12.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
durian

durian

2019-06-22 07:05

reporter   ~0034707

Another user experienced a similar problem:

Problem started when clicking a folder under "Computer".

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.21.3.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.12.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
jhony3891

jhony3891

2019-09-07 04:44

reporter   ~0035081

Another user experienced a similar problem:

I was just browsing when it suddenly sent the alert and bug

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-957.27.2.el7.x86_64
package: selinux-policy-3.13.1-229.el7_6.15.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport
jpineror

jpineror

2019-09-27 18:17

reporter   ~0035258

Another user experienced a similar problem:

I am not sure. This is a new install of Centos 7.7 which has an old Nokia N8 phone for mobile broadband and an external USB hard drive. This error occured on a vm image on workstation version 15.

reporter: libreport-2.1.11.1
hashmarkername: setroubleshoot
kernel: 3.10.0-1062.1.1.el7.x86_64
package: selinux-policy-3.13.1-252.el7.1.noarch
reason: SELinux is preventing /usr/bin/evince-thumbnailer from using the nnp_transition, nosuid_transition access on a process.
reproducible: Not sure how to reproduce the problem
type: libreport

Issue History

Date Modified Username Field Change
2018-11-18 07:58 kiranhegde75@gmail.com New Issue
2018-12-12 20:48 jarodez Note Added: 0033327
2018-12-13 20:31 touister Note Added: 0033332
2018-12-29 15:29 RTTST Note Added: 0033472
2019-01-04 19:26 static2k Note Added: 0033515
2019-01-10 21:32 cvdiaconu Note Added: 0033563
2019-01-20 14:06 kabattm Note Added: 0033644
2019-02-03 14:24 hjs1k Note Added: 0033761
2019-02-04 20:41 zainecoto Note Added: 0033774
2019-03-03 18:28 Danflo77 Note Added: 0033934
2019-03-05 15:37 prasantpradhan821 Note Added: 0033940
2019-03-06 09:38 rolandihasz Note Added: 0033946
2019-03-06 10:48 rolandihasz File Added: details.png
2019-03-06 10:48 rolandihasz Note Added: 0033949
2019-03-07 09:26 Andreas1302 Note Added: 0033955
2019-03-18 21:36 sethgoldin Note Added: 0034038
2019-03-25 20:45 vana Note Added: 0034088
2019-03-30 16:10 Phanikumar Note Added: 0034132
2019-04-12 06:18 likhang Note Added: 0034184
2019-05-16 17:35 iclosecrm Note Added: 0034475
2019-05-23 13:50 dsburkhart Note Added: 0034511
2019-06-16 13:28 AussManStan Note Added: 0034674
2019-06-22 07:05 durian Note Added: 0034707
2019-09-07 04:44 jhony3891 Note Added: 0035081
2019-09-27 18:17 jpineror Note Added: 0035258