Comments

72 Comments

WFM

karma

WFM

Test Case firefox browse

WFM

WFM

karma

WFM

Test Case firefox browse
Test Case firefox media
karma

Works fine. I don't see the Ctrl-S issue mentioned on the F37 update page - it works fine for me - Cinnamon Spin running on X (Cinnamon doesn't run Wayland). I note that I still have widget.use-xdg-desktop-portal.file-picker=2.

Test Case firefox browse
Test Case firefox media

WFM

karma

WFM

karma

Works fine - installed 3 days ago from koji and no problems found.

Tested with gnome-boxes.

BZ#2051577 SELinux is preventing qemu-kvm from 'map' accesses on the anon_inode anon_inode.

WFM

karma

WFM

karma

WFM

WFM

@stransky I agree with @bitter that this ought to be pushed. Firefox is now on 96.0.2 and, as @bitter says, F35 has been pushed despite this issue.

The upstream issue https://github.com/linuxmint/muffin/issues/611 has been open for 6 days and is not yet assigned, so waiting for that doesn't seem sensible.

Ideally, https://hg.mozilla.org/integration/autoland/rev/e4f54b8aab646425e35ab5a810cb1f3b73f72eca should be reverted, at least temporarily until the upstream issue is fixed.

Looks like selinux type thumb_t is still denied access to sock_file bus. I have the error for gdk-pixbuf-thum and similarly for the evince-thumbnai (shown in full):


SELinux is preventing gdk-pixbuf-thum from write access on the sock_file bus.

type=AVC msg=audit(1642217383.944:3610): avc: denied { write } for pid=45515 comm="gdk-pixbuf-thum" name="bus" dev="tmpfs" ino=48 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0

=================================

SELinux is preventing evince-thumbnai from write access on the sock_file bus.

* Plugin catchall (100. confidence) suggests ******

If you believe that evince-thumbnai should be allowed write access on the bus sock_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'evince-thumbnai' --raw | audit2allow -M my-evincethumbnai
# semodule -X 300 -i my-evincethumbnai.pp

Additional Information:
Source Context unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023
Target Context unconfined_u:object_r:session_dbusd_tmp_t:s0
Target Objects bus [ sock_file ]
Source evince-thumbnai
Source Path evince-thumbnai
Port <Unknown>
Host <redacted>
Source RPM Packages

Target RPM Packages

SELinux Policy RPM selinux-policy-targeted-34.23-1.fc34.noarch
Local Policy RPM selinux-policy-targeted-34.23-1.fc34.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name <redacted>
Platform Linux <redacted> 5.15.16-100.fc34.x86_64 #1 SMP
Thu Jan 20 16:34:27 UTC 2022 x86_64 x86_64
Alert Count 376
First Seen 2022-01-25 00:29:53 CET
Last Seen 2022-01-25 00:39:57 CET
Local ID b7d2af66-0438-495a-a43c-e6c0f046f864

Raw Audit Messages
type=AVC msg=audit(1643067597.34:684): avc: denied { write } for pid=11281 comm="evince-thumbnai" name="bus" dev="tmpfs" ino=37 scontext=unconfined_u:unconfined_r:thumb_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:session_dbusd_tmp_t:s0 tclass=sock_file permissive=0

Hash: evince-thumbnai,thumb_t,session_dbusd_tmp_t,sock_file,write

WFM - solves the bluetooth initialization problem that all previous 5.15 kernels had.

BZ#2027071 Rebooting kernel 5.15.4 fails to initialize certain Intel bluetooth devices

See comment 3 of https://bugzilla.redhat.com/show_bug.cgi?id=2040877

This makes almost impossible to use on cinnamon if you prefer no title-bar (as I do)