Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to convert pdf #127

Open
sareporter opened this issue Oct 11, 2021 · 1 comment
Open

Unable to convert pdf #127

sareporter opened this issue Oct 11, 2021 · 1 comment
Labels
bug Something isn't working P:linux

Comments

@sareporter
Copy link

I'm using Fedora 34. Attempting to convert a pdf results in a "Converting document to pixels" message, then after a few seconds, Dangerzone stops working with a "Failed :(" message. I also see a "Return Code 1" if that's relevant.

Thanks for any help you can offer ...
@iruukaa
Copy link

iruukaa commented Oct 18, 2021

I encountered the same issue and it looks like the culprit is a standard selinux policy in fedora.
Heres the AVC denial

SELinux is preventing python3 from read access on the file HS#47_Digital.pdf.

*****  Plugin catchall (100. confidence) suggests   **************************

If you believe that python3 should be allowed read access on the HS#47_Digital.pdf file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'python3' --raw | audit2allow -M my-python3
# semodule -X 300 -i my-python3.pp

Additional Information:
Source Context                system_u:system_r:container_t:s0:c201,c616
Target Context                unconfined_u:object_r:data_home_t:s0
Target Objects                HS#47_Digital.pdf [ file ]
Source                        python3
Source Path                   python3
Port                          <Unknown>
Host                          (removed)
Source RPM Packages           
Target RPM Packages           
SELinux Policy RPM            selinux-policy-targeted-34.21-1.fc34.noarch
Local Policy RPM              selinux-policy-targeted-34.21-1.fc34.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     (removed)
Platform                      Linux laptop 5.14.9-200.fc34.x86_64 #1 SMP x86_64 x86_64
Alert Count                   1
First Seen                    (removed)
Last Seen                     (removed)
Local ID                      305734d5-3f39-4b8b-884c-2c59477fb71b

Raw Audit Messages
type=AVC msg=audit(1634596624.535:708): avc:  denied  { read } for  pid=26871 comm="python3" name="HS#47_Digital.pdf" dev="dm-0" ino=35365 scontext=system_u:system_r:container_t:s0:c201,c616 tcontext=unconfined_u:object_r:data_home_t:s0 tclass=file permissive=0


Hash: python3,container_t,data_home_t,file,read

The policy generated by ausearch -c 'python3' --raw | audit2allow -M my-python3 did not work for me. After loading it, dangerzone threw an error that the file is not supported.

When SELinux is put in to permissive mode it works, but that's no proper solution.
And i currently do not understand SELinux enough, to find one.

Maybe @micahflee can take a look at it.

@deeplow deeplow added the bug Something isn't working label Jul 27, 2022
@deeplow deeplow mentioned this issue Oct 19, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working P:linux
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sareporter @iruukaa @deeplow