Ask Your Question
0

Wine always shows a notification

asked 2012-06-27 05:44:59 -0500

Ronald Andrade gravatar image

updated 2012-06-27 05:46:11 -0500

Hi guys, I'm using F17 with the last ver. of Wine and Wine Tricks. When I'm trying to open an app of win, it always shows me a box:

SELinux Alert Browser

The source process:  wine-preloader

Attempted this access: mmap-zero

memproctect:

In details, shows me this:

SELinux is preventing wine-preloader from mmap_zero access on the memprotect .

Plugin mmap_zero (53.1 confidence) suggests *******

If no cree que wine-preloader debería necesitar realizar un mmap sobre la baja memoria en el kernel. Then podría estar siendo víctima de un ataque, este es un acceso muy peligroso. Do póngase en contacto con su administrador de seguridad y reporte este problema.

Plugin catchall_boolean (42.6 confidence) suggests ******

If desea mmaplowallowed Then you must tell SELinux about this by enabling the 'mmaplowallowed' boolean.You can read 'unconfinedselinux' man page for more details. Do setsebool -P mmaplow_allowed 1

Plugin catchall (5.76 confidence) suggests ********

If cree que de manera predeterminada, wine-preloader debería permitir acceso mmap_zero sobre memprotect.
Then debería reportar esto como un error. Puede generar un módulo de política local para permitir este acceso. Do permita el acceso momentáneamente executando:

grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol

semodule -i mypol.pp

Additional Information: Source Context unconfinedu:unconfinedr:unconfinedt:s0-s0:c0.c1 023 Target Context unconfinedu:unconfinedr:unconfinedt:s0-s0:c0.c1 023 Target Objects [ memprotect ] Source wine-preloader Source Path wine-preloader Port <desconocido> Host FalconR-F17 Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.10.0-132.fc17.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name FalconR-F17 Platform Linux FalconR-F17 3.4.3-1.fc17.x8664 #1 SMP Mon Jun 18 19:53:17 UTC 2012 x8664 x86_64 Alert Count 127 First Seen mié 27 jun 2012 05:27:08 PET Last Seen mié 27 jun 2012 05:39:11 PET Local ID 93499a39-d64f-486d-9322-8ae50205e86d

Raw Audit Messages type=AVC msg=audit(1340793551.937:237): avc: denied { mmapzero } for pid=12101 comm="wine-preloader" scontext=unconfinedu:unconfinedr:unconfinedt:s0-s0:c0.c1023 tcontext=unconfinedu:unconfinedr:unconfined_t:s0-s0:c0.c1023 tclass=memprotect

Hash: wine-preloader,unconfinedt,unconfinedt,memprotect,mmap_zero

audit2allowunable to open /sys/fs/selinux/policy: Permission denied

audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied

Finally, my application doesn't works, Is anybody having this kind of issue ?

Ronald

edit retag flag offensive close merge delete

1 Answer

Sort by » oldest newest most voted
5

answered 2012-10-04 13:38:16 -0500

Dan Walsh gravatar image

updated 2012-10-04 13:38:56 -0500

If your app is working, then I would just dontaudit this message, If this is forcing you to run in permissive mode then set the following boolean.

setsebool -P mmaplowallowed 1

The alert told you all this. If it was me I would run my windows apps in a virtual machine and stop playing with wine. :^)

edit flag offensive delete link more

Question Tools

Stats

Asked: 2012-06-27 05:44:59 -0500

Seen: 3,137 times

Last updated: Oct 04 '12