[i=s] 本帖最后由 yanqing148 于 2010-4-4 13:53 编辑 [/i]
fedora12系统,每次开机登录桌面后,selinux总是会提示如下错误:
概述:
SELinux is preventing /usr/lib/chromium-browser/chromium-browser "execute"
access on /dev/zero.
详细描述:
[chromium-browse 有一个宽容类型
(chrome_sandbox_t)。此访问未受拒绝。]
SELinux denied access requested by chromium-browse. It is not expected that this
access is required by chromium-browse and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
You can generate a local policy module to allow this access - see FAQ
(http://docs.fedoraproject.org/selinux-faq-fc5/#id2961385) Please file a bug
report.
附加信息:
源上下文 unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c
0.c1023
目标上下文 system_u:object_r:zero_device_t:s0
目标对象 /dev/zero [ chr_file ]
源 chromium-browse
源路径 /usr/lib/chromium-browser/chromium-browser
端口 <未知>
主机 localhost.localdomain
源 RPM 软件包 chromium-5.0.360.0-0.1.20100322svn42211.fc12
目标 RPM 软件包
策略 RPM selinux-policy-3.6.32-106.fc12
启用 Selinux True
策略类型 targeted
Enforcing 模式 Enforcing
插件名称 catchall
主机名 localhost.localdomain
平台 Linux localhost.localdomain 2.6.32.10-90.fc12.i686
#1 SMP Tue Mar 23 10:21:29 UTC 2010 i686 athlon
警报计数 37
第一个 2010年03月30日 星期二 08时55分02秒
最后一个 2010年04月02日 星期五 09时02分51秒
本地 ID 186f7409-4aaf-43f1-b0b1-0cf0a070d8ed
行号
原始核查信息
node=localhost.localdomain type=AVC msg=audit(1270170171.446:14): avc: denied { execute } for pid=1949 comm="chromium-browse" path="/dev/zero" dev=devtmpfs ino=3577 scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 tcontext=system_u:object_r:zero_device_t:s0 tclass=chr_file
node=localhost.localdomain type=SYSCALL msg=audit(1270170171.446:14): arch=40000003 syscall=192 per=400000 success=yes exit=11874304 a0=0 a1=2000 a2=7 a3=2 items=0 ppid=0 pid=1949 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="chromium-browse" exe="/usr/lib/chromium-browser/chromium-browser" subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)
敬请老师帮忙,谢谢
yanqing148 于 2010-04-04 18:33:47发表:
解决啦,居然跟升级N卡的驱动有关,不知何故,在修改完grub.conf后,竟然不再出现引故障提示。也不过是加了一句vga=327呀!!!!!
yanqing148 于 2010-04-04 13:54:09发表:
怎么没人能帮忙解决呀,
Lahn 于 2010-04-02 18:39:39发表:
顶
xgbmhc 于 2010-04-02 14:39:04发表:
帮顶下