triage October 2011

triage@lists.fedoraproject.org

1 participants
18 discussions

needinfo canceled: [Bug 592089] SELinux is preventing /usr/lib/cups/backend/mfp "getattr" access to device /dev/mfpports/probe.
by Red Hat Bugzilla 16 Oct '11

16 Oct '11

Product: Fedora Version: 12 Component: selinux-policy Simon <simon(a)conditional-fee.co.uk> has canceled Bug Zapper <triage(a)lists.fedoraproject.org>'s request for needinfo: Bug 592089: SELinux is preventing /usr/lib/cups/backend/mfp "getattr" access to device /dev/mfpports/probe. https://bugzilla.redhat.com/show_bug.cgi?id=592089 ------- Additional Comments from Simon <simon(a)conditional-fee.co.uk> Hello again, I bought a samsung CLX-6220FX which prints OK but each time I try to use the smatpanel or unified driver configurater selinux block it:- SELinux is preventing /opt/Samsung/mfp/bin/Configurator from using the execstack access on a process. ***** Plugin allow_execstack (53.1 confidence) suggests ******************** If you believe that None should not require execstack Then you should clear the execstack flag and see if /opt/Samsung/mfp/bin/Configurator works correctly. Report this as a bug on None. You can clear the exestack flag by executing: Do execstack -c None ***** Plugin catchall_boolean (42.6 confidence) suggests ******************* If you want to allow unconfined executables to make their stack executable. This should never, ever be necessary. Probably indicates a badly coded executable, but could indicate an attack. This executable should be reported in bugzilla Then you must tell SELinux about this by enabling the 'allow_execstack' boolean. Do setsebool -P allow_execstack 1 ***** Plugin catchall (5.76 confidence) suggests *************************** If you believe that Configurator should be allowed execstack access on processes labeled unconfined_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep Configurator /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1 023 Target Objects Unknown [ process ] Source Configurator Source Path /opt/Samsung/mfp/bin/Configurator Port <Unknown> Host www.conditional-fee.co.uk Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.9.7-44.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name www.conditional-fee.co.uk Platform Linux www.conditional-fee.co.uk 2.6.35.14-97.fc14.i686.PAE #1 SMP Sat Sep 17 00:22:29 UTC 2011 i686 i686 Alert Count 1 First Seen Sat 15 Oct 2011 17:11:32 BST Last Seen Sat 15 Oct 2011 17:11:32 BST Local ID b1f3562c-ec3e-48c8-9798-73102216119f Raw Audit Messages type=AVC msg=audit(1318695092.132:2519): avc: denied { execstack } for pid=14265 comm="Configurator" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process type=SYSCALL msg=audit(1318695092.132:2519): arch=i386 syscall=mprotect success=no exit=EACCES a0=bfb02000 a1=1000 a2=1000007 a3=bfb020ec items=0 ppid=1 pid=14265 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=268 comm=Configurator exe=/opt/Samsung/mfp/bin/Configurator subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null) Hash: Configurator,unconfined_t,unconfined_t,process,execstack audit2allow #============= unconfined_t ============== #!!!! This avc can be allowed using the boolean 'allow_execstack' allow unconfined_t self:process execstack; audit2allow -R #============= unconfined_t ============== #!!!! This avc can be allowed using the boolean 'allow_execstack' I want to use the scanning capability but not if the method involves any security risk (I've got another scanner -not as good) What are the implications of using execstack -c None please?

1 0

needinfo canceled: [Bug 503149] Add features to Anaconda to aid installation on Apple computers
by Red Hat Bugzilla 15 Oct '11

15 Oct '11

Product: Fedora Version: 15 Component: anaconda Chris Murphy <bugzilla(a)colorremedies.com> has canceled Bug Zapper <triage(a)lists.fedoraproject.org>'s request for needinfo: Bug 503149: Add features to Anaconda to aid installation on Apple computers https://bugzilla.redhat.com/show_bug.cgi?id=503149 ------- Additional Comments from Chris Murphy <bugzilla(a)colorremedies.com> This might need a separate bug report but I'll stick it in here for now. Consistently I'm finding the partition type GUID is wrong in a number of cases: The first ext4 partition listed in GPT (whether it's the 2nd partition entry or the 5th) is thus far always the GUID for "EFI System Partition" GUID C12A7328-F81F-11D2-BA4B-00A0C93EC93B. This is definitely incorrect, it should be GUID 0FC63DAF-8483-4772-8E79-3D69D8477DE4 "Linux filesystem". The net result of this bug is that there are two EFI System Partitions on a dual boot system, one of which is the real EFI System partition, and the other is the partition mounting as /boot. Probably not a good idea, should be fixed. Subsequent partitions either ext4, btrfs, or xfs have partition type GUID EBD0A0A2-B9E5-4433-87C0-68B6B72699C7 "Microsoft Windows basic data". This was done for a long time under MBR, using the same partition type hex code as Windows but linux filesystems have their own GUID which is 0FC63DAF-8483-4772-8E79-3D69D8477DE4. So it's a minor point, but ought to be fixed. "BIOS Boot" has the correct partition type GUID. "Linux LVM" partitions also have the correct partition type GUID. Last, all of my comments apply to F16 beta, so the version for this bug should be changed to 16. Now that I've inundated everyone with multiple comments, I'll remove the needinfo flag and await comments/questions on next steps.

1 0

needinfo canceled: [Bug 524458] Macbook Pro 5,5 video does not resume (with and without Nouveau KMS)
by Red Hat Bugzilla 12 Oct '11

12 Oct '11

Product: Fedora Version: 15 Component: kernel me(a)ibotty.net has canceled Bug Zapper <triage(a)lists.fedoraproject.org>'s request for needinfo: Bug 524458: Macbook Pro 5,5 video does not resume (with and without Nouveau KMS) https://bugzilla.redhat.com/show_bug.cgi?id=524458 ------- Additional Comments from me(a)ibotty.net as indicated last year, it did work with some not-so-magic kernel parameters. in f15 it works out of the box (well: using a newer kernel because of other bugs, which i can hardly reproduce (it's not my notebook) but which do not happen with the 3.1rcs.)

1 0

[Bug 253635] Inoperable short-cuts in search dialog
by Red Hat Bugzilla 07 Oct '11

07 Oct '11

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=253635 Jerry Amundson <jamundso(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC|jamundso(a)gmail.com | -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 124246] grubby fatal error: unable to find a suitable template
by Red Hat Bugzilla 07 Oct '11

07 Oct '11

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=124246 Slawomir Czarko <bugzilla.redhat.com(a)sklep.czarko.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |bugzilla.redhat.com(a)sklep.c | |zarko.net --- Comment #63 from Slawomir Czarko <bugzilla.redhat.com(a)sklep.czarko.net> 2011-10-06 15:37:38 EDT --- Got it on Fedora 15 when installing kernel-2.6.40.6-0.fc15.i686 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 199246] [enh] support bridges
by Red Hat Bugzilla 04 Oct '11

04 Oct '11

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=199246 Lonni J Friedman <netllama(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |netllama(a)gmail.com -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 215371] rngd is missing initscript, attached
by Red Hat Bugzilla 04 Oct '11

04 Oct '11

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=215371 juan.oropeza(a)oracle.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |juan.oropeza(a)oracle.com --- Comment #18 from juan.oropeza(a)oracle.com 2011-10-03 11:41:55 EDT --- this problem is still occurring in Fedora 15, is there a package update that includes the startup script? I get the following output with the sample script ./rngd start Probing for HRNG module FATAL: Error inserting intel_rng (/lib/modules/2.6.40.4-5.fc15.x86_64/kernel/drivers/char/hw_random/intel-rng.ko): No such device FATAL: Error inserting via_rng (/lib/modules/2.6.40.4-5.fc15.x86_64/kernel/drivers/char/hw_random/via-rng.ko): No such device FATAL: Error inserting amd_rng (/lib/modules/2.6.40.4-5.fc15.x86_64/kernel/drivers/char/hw_random/amd-rng.ko): No such device (Hardware RNG device inode not found) ./rngd: Cannot find a hardware RNG device to use. -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

[Bug 204448] RPM verify not functional: "file's dependencies has changed since prelinking"
by Red Hat Bugzilla 01 Oct '11

01 Oct '11

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=204448 C.G. <carlo.garbarini+rhbug(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |carlo.garbarini+rhbug@gmail | |.com -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

triage October 2011