Similar problem has been detected:

Blender import STL utility crashes application and causes this SELinux error

hashmarkername: setroubleshoot
kernel:         5.8.18-300.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-30.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

gnome printer settings crashed

hashmarkername: setroubleshoot
kernel:         5.8.18-300.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-30.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Switching on an external hard disk, connected through a firewire port

hashmarkername: setroubleshoot
kernel:         5.8.18-300.fc33.x86_64
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar here with file card0

-----
SELinux is preventing gdb from read access on the chr_file card0.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that gdb should be allowed read access on the card0 chr_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'gdb' --raw | audit2allow -M my-gdb
# semodule -X 300 -i my-gdb.pp

Additional Information:
Source Context                system_u:system_r:abrt_t:s0-s0:c0.c1023
Target Context                system_u:object_r:dri_device_t:s0
Target Objects                card0 [ chr_file ]
Source                        gdb
Source Path                   gdb
Port                          <Unknown>
Host                          fergie
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-3.14.6-30.fc33.noarch
Local Policy RPM              selinux-policy-targeted-3.14.6-30.fc33.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     fergie
Platform                      Linux fergie 5.9.8-200.fc33.x86_64 #1 SMP Tue Nov
                              10 21:58:19 UTC 2020 x86_64 x86_64
Alert Count                   10
First Seen                    2020-11-15 11:46:19 MSK
Last Seen                     2020-11-15 11:46:19 MSK
Local ID                      f1d5dc1e-899b-45e8-a667-df71e3a98b2a

Raw Audit Messages
type=AVC msg=audit(1605429979.62:890): avc:  denied  { read } for  pid=5735 comm="gdb" name="card0" dev="devtmpfs" ino=665 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:dri_device_t:s0 tclass=chr_file permissive=0


Hash: gdb,abrt_t,dri_device_t,chr_file,read

And here is a seemingly related failure, on most recent boot it happened almost 100 times in a few seconds.

The file(s) it's trying to access is:

./var/lib/sddm/.cache/sddm-greeter/qmlcache/f608f40699df11a4f08066742c239d574011c351.qmlc

There is a whole bunch of them in that directory.

-------------------------

SELinux is preventing gdb from read access on the file 01afb6838a82a1f8d70b16ab3b5e324424f3d3ac.qmlc.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that gdb should be allowed read access on the 01afb6838a82a1f8d70b16ab3b5e324424f3d3ac.qmlc file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'gdb' --raw | audit2allow -M my-gdb
# semodule -X 300 -i my-gdb.pp

Additional Information:
Source Context                system_u:system_r:abrt_t:s0-s0:c0.c1023
Target Context                system_u:object_r:xdm_var_lib_t:s0
Target Objects                01afb6838a82a1f8d70b16ab3b5e324424f3d3ac.qmlc [
                              file ]
Source                        gdb
Source Path                   gdb
Port                          <Unknown>
Host                          fergie
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-3.14.6-30.fc33.noarch
Local Policy RPM              selinux-policy-targeted-3.14.6-30.fc33.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     fergie
Platform                      Linux fergie 5.9.8-200.fc33.x86_64 #1 SMP Tue Nov
                              10 21:58:19 UTC 2020 x86_64 x86_64
Alert Count                   98
First Seen                    2020-11-16 21:11:05 MSK
Last Seen                     2020-11-16 21:11:05 MSK
Local ID                      a2b5b658-ea67-458e-abf3-fec8ce898cda

Raw Audit Messages
type=AVC msg=audit(1605550265.340:735): avc:  denied  { read } for  pid=1848 comm="gdb" name="01afb6838a82a1f8d70b16ab3b5e324424f3d3ac.qmlc" dev="sda2" ino=657093 scontext=system_u:system_r:abrt_t:s0-s0:c0.c1023 tcontext=system_u:object_r:xdm_var_lib_t:s0 tclass=file permissive=0


Hash: gdb,abrt_t,xdm_var_lib_t,file,read

*** Bug 1900052 has been marked as a duplicate of this bug. ***

Similar problem has been detected:

I cannot report a crash that happened in Firefox Wayland when sharing a window, probably due to this SELinux config.

hashmarkername: setroubleshoot
kernel:         5.9.9-200.fc33.x86_64
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

Happened while watching a MKV file

hashmarkername: setroubleshoot
kernel:         5.9.13-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-31.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

I was reading a web page and viewing a pdf file. When I scrolled downward, my session froze then the window manager restarted

hashmarkername: setroubleshoot
kernel:         5.9.13-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-31.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Logged in to Plasma session (Non-Wayland) from cold boot.

hashmarkername: setroubleshoot
kernel:         5.9.13-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-31.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Possibly when attempt to print test page on newly installed printer.

hashmarkername: setroubleshoot
kernel:         5.9.10-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-30.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

Attempting to print a test page.

hashmarkername: setroubleshoot
kernel:         5.9.10-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-30.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

As far as I can tell:
Installing some new "Global Themes" in the KDE "System Settings" applet:
	A: requires elevated permissions and 	
	B: crashes the KDE "System Settings" applet
Which invokes GDB to try and debug that crash.
Which runs afoul of SELinux.
Which creates this bug report.

hashmarkername: setroubleshoot
kernel:         5.9.15-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-33.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Firefox froze momentarily, and then i was notified that GDB debug was denied for DRI.

hashmarkername: setroubleshoot
kernel:         5.9.16-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-33.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Users seem to be reporting this AVC in relation to many different events.  For me, I can reliably reproduce this AVC by causing an application to crash.  (Turns out, a program i regularly use is broken in F33, so I can tell this AVC occurs every time I try to start it.) I think ABRT is trying to start gdb?

Similar problem has been detected:

updated cinnamon DE and rebooted

hashmarkername: setroubleshoot
kernel:         5.9.16-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-33.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Xorg with nouveau doesn't wake display or card  from powered system suspend (sleep). When Xorg session is killed, SELinux consumes load on single thread of CPU on and floods system journal with gdb attempting to "read" "card0"

hashmarkername: setroubleshoot
kernel:         5.9.16-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-33.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

I thing that this happened when Nextcloud client crashed.

hashmarkername: setroubleshoot
kernel:         5.10.6-200.fc33.x86_64
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Trying to run the game marsshooter.

hashmarkername: setroubleshoot
kernel:         5.10.6-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-33.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

*** Bug 1917977 has been marked as a duplicate of this bug. ***

Similar problem has been detected:

I logged out of electrum, after a few seconds some error occurred and started generating error reports. After this launch, this message appeared.

hashmarkername: setroubleshoot
kernel:         5.10.9-201.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

was playing game and screen turned black then it came back with all sorts of artefacts on screen.
did ctrl+alt+f4 screen suddenly came back in normal environnement.
 tons of SElinux alerts.
 when i try recommended command it says: Nothing to do and
libsemanage.map_file: Unable to open my-gdb.pp
 (No such file or directory).
libsemanage.semanage_direct_install_file: Unable to read file my-gdb.pp
 (No such file or directory).
semodule:  Failed on my-gdb.pp!

hashmarkername: setroubleshoot
kernel:         5.10.9-301.preempt_fsync.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-34.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

*** Bug 1930719 has been marked as a duplicate of this bug. ***

*** Bug 1936220 has been marked as a duplicate of this bug. ***

*** Bug 1936890 has been marked as a duplicate of this bug. ***

Similar problem has been detected:

Using Konsole

hashmarkername: setroubleshoot
kernel:         5.8.15-301.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-35.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Martine,

We have a bunch of bugs for abrt executing gdb which subsequently requires access to various devices, capabilities, and permissions. It was first reported in this bz 2020-11-11, so it probably is related to some change prior to this date in how abrt gets to executing gdb. Can you tell us the chain of commands which eventually ends with gdb?

Internal note - there is abrt-handle-event which is quite powerful:

# ll -Za /usr/libexec/abrt-handle-event
-rwxr-xr-x. 1 root root system_u:object_r:abrt_handle_event_exec_t:s0 24568 25. led 19.26 /usr/libexec/abrt-handle-event

# seinfo -xt abrt_handle_event_t

Types: 1
   type abrt_handle_event_t, abrt_domain, application_domain_type, can_read_shadow_passwords, can_write_shadow_passwords, can_relabelto_shadow_passwords, can_change_object_identity, can_load_kernmodule, can_load_policy, can_setbool, can_setenforce, can_setsecparam, corenet_unconfined_type, corenet_unlabeled_type, devices_unconfined_type, domain, files_unconfined_type, filesystem_unconfined_type, kern_unconfined, kernel_system_state_reader, named_filetrans_domain, process_uncond_exempt, selinux_unconfined_type, storage_unconfined_type, unconfined_domain_type, dbusd_unconfined, sepgsql_unconfined_type, can_relabelto_binary_policy, userdom_filetrans_type, x_domain, xserver_unconfined_type;

*** Bug 1896762 has been marked as a duplicate of this bug. ***

*** Bug 1897468 has been marked as a duplicate of this bug. ***

*** Bug 1897863 has been marked as a duplicate of this bug. ***

*** Bug 1899215 has been marked as a duplicate of this bug. ***

*** Bug 1901406 has been marked as a duplicate of this bug. ***

*** Bug 1902602 has been marked as a duplicate of this bug. ***

*** Bug 1903404 has been marked as a duplicate of this bug. ***

*** Bug 1912029 has been marked as a duplicate of this bug. ***

*** Bug 1915470 has been marked as a duplicate of this bug. ***

*** Bug 1917228 has been marked as a duplicate of this bug. ***

*** Bug 1929758 has been marked as a duplicate of this bug. ***

*** Bug 1929759 has been marked as a duplicate of this bug. ***

*** Bug 1936305 has been marked as a duplicate of this bug. ***

*** Bug 1937021 has been marked as a duplicate of this bug. ***

*** Bug 1938237 has been marked as a duplicate of this bug. ***

*** Bug 1943780 has been marked as a duplicate of this bug. ***

Similar problem has been detected:

I was work on my laptop and the system STUCK and REBOOT.

hashmarkername: setroubleshoot
kernel:         5.11.11-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-36.fc33.noarch
reason:         SELinux is preventing gdb from 'open' accesses on the chr_file /dev/nvidia0.
type:           libreport

Similar problem has been detected:

Wehen login after update to Fedora 34

hashmarkername: setroubleshoot
kernel:         5.11.12-300.fc34.x86_64
package:        selinux-policy-targeted-34.2-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file nvidiactl.
type:           libreport

Similar problem has been detected:

I ran gdb on a (coredump of a) process that was accessing second GPU.

hashmarkername: setroubleshoot
kernel:         5.11.14-300.fc34.x86_64
package:        selinux-policy-targeted-34.3-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card1.
type:           libreport

Similar problem has been detected:

DEFAULTH

hashmarkername: setroubleshoot
kernel:         5.11.16-300.fc34.x86_64
package:        selinux-policy-targeted-34.3-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

I inserted my Logitech game controller in the usb and got this bug

hashmarkername: setroubleshoot
kernel:         5.11.17-300.fc34.x86_64
package:        selinux-policy-targeted-34.4-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Happens when flatpak apps crash with ABRT installed.

hashmarkername: setroubleshoot
kernel:         5.12.2-300.fc34.x86_64
package:        selinux-policy-targeted-34.5-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

*** Bug 1959183 has been marked as a duplicate of this bug. ***

Similar problem has been detected:

Disconnect USB-C dock.

hashmarkername: setroubleshoot
kernel:         5.11.19-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-37.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Survient après la mise à jour

hashmarkername: setroubleshoot
kernel:         5.11.20-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-37.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the fichier user.
type:           libreport

Similar problem has been detected:

Got through:
from numpy import pi, sin, cos, mgrid
dphi, dtheta = pi/250.0, pi/250.0
[phi,theta] = mgrid[0:pi+dphi*1.5:dphi,0:2*pi+dtheta*1.5:dtheta]
m0 = 4; m1 = 3; m2 = 2; m3 = 3; m4 = 6; m5 = 2; m6 = 6; m7 = 4;
r = sin(m0*phi)**m1 + cos(m2*phi)**m3 + sin(m4*theta)**m5 + cos(m6*theta)**m7
x = r*sin(phi)*cos(theta)
y = r*cos(phi)
z = r*sin(phi)*sin(theta)

in mayavi2

on typing:
from mayavi import mlab
it crashed 

hashmarkername: setroubleshoot
kernel:         5.11.20-300.fc34.x86_64
package:        selinux-policy-targeted-34.7-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

On a desktop with an AMD graphics card, happens sometimes when electron applications crash.

SELinux is preventing gdb from read access on the chr_file renderD128.

Plugin: catchall 
 SELinux denied access requested by gdb. It is not expected that this access is
required by gdb and this access may signal an intrusion attempt. It is also
possible that the specific version or configuration of the application is
causing it to require additional access.

If you believe that gdb should be allowed read access on the renderD128 chr_file by default.
You should report this as a bug.
You can generate a local policy module to allow this access.
Allow this access for now by executing:
# ausearch -c 'gdb' --raw | audit2allow -M my-gdb
# semodule -X 300 -i my-gdb.pp

*** Bug 1965531 has been marked as a duplicate of this bug. ***

Similar problem has been detected:

Upon returning from suspend-to-ram and login in to Xfce again. I loaded a new website in an already open Firefox tab, and the web render area began blinking randomly. Within 3-4 seconds, the X Server session died. I logged in again and immediatelly this SEL error kept continually coming up

hashmarkername: setroubleshoot
kernel:         5.12.6-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-37.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

Nach system re-start

hashmarkername: setroubleshoot
kernel:         5.12.8-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-37.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the Datei user.
type:           libreport

Similar problem has been detected:

This seems to happen every time when some GUI application crashes (most recently, the spotify flatpak, when closing the window), and gdb tries to generate a coredump for ABRT or something.

I'm using the proprietary NVidia driver.

hashmarkername: setroubleshoot
kernel:         5.12.10-300.fc34.x86_64
package:        selinux-policy-targeted-34.11-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file nvidiactl.
type:           libreport

> 
> I'm using the proprietary NVidia driver.
> 

I experience this issue as well, but I am not using any proprietary drivers.

Similar problem has been detected:

Plasma System Settings crashed, which probably started DrKonqi in the background (I cannot see it yet).

hashmarkername: setroubleshoot
kernel:         5.12.11-300.fc34.x86_64
package:        selinux-policy-targeted-34.11-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

I was tweaking some window buttons configuration, then i apply and plasma just crashes, it opens again and i get like 800 errors.

hashmarkername: setroubleshoot
kernel:         5.12.12-300.fc34.x86_64
package:        selinux-policy-targeted-34.11-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport

Similar problem has been detected:

I was working on a presentation on libreoffice, when Xorg crashed.  When I logged back in, I received a series of these denials.

This is not the first time (the Xorg crash, and these SELinux denials after a crash).  I think abrt tries to run something and fails.

hashmarkername: setroubleshoot
kernel:         5.12.12-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-38.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

I was using LibreOffice Calc. I clicked on a new cell to type a formula, and at that point the display first freezed, then flickered, I could briefly see the bootup/shutdown sequence of systemd units turning off, and then Xorg restarted and I was thrown back at the LightDM login screen. 

hashmarkername: setroubleshoot
kernel:         5.12.13-200.fc33.x86_64
package:        selinux-policy-targeted-3.14.6-38.fc33.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

seems to happen when flatpak apps crash

I'm on amdgpu, fedora 34

Similar problem has been detected:

right on desktop login

hashmarkername: setroubleshoot
kernel:         5.12.14-300.fc34.x86_64
package:        selinux-policy-targeted-34.13-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file card0.
type:           libreport

Similar problem has been detected:

I closed KVM. 

hashmarkername: setroubleshoot
kernel:         5.12.14-300.fc34.x86_64
package:        selinux-policy-targeted-34.13-1.fc34.noarch
reason:         SELinux is preventing gdb from 'read' accesses on the chr_file renderD128.
type:           libreport