http://bugs.winehq.org/show_bug.cgi?id=15096
--- Comment #6 from David Earle davidearlenz@gmail.com 2008-09-18 03:08:03 --- I have tested the patch and it does take things a little further along the way
I don't get the message of insufficient rights
The console output moves onto an 'unhandled page fault':
fixme:advapi:LookupAccountNameW L"" L"NT AUTHORITY" (nil) 0x7e2c9ae8 (nil) 0x7e2c9ae4 0x7e2c9ad8 - stub fixme:advapi:LookupAccountNameW L"" L"NT AUTHORITY" 0x16a3a790 0x7e2c9ae8 0x168c25c0 0x7e2c9ae4 0x7e2c9ad8 - stub fixme:netapi32:NetUserGetLocalGroups ((null), L"NT AUTHORITY\david", 0, 00000001, 0x33f3ec -1, 0x33f3c8, 0x33f3c4) stub! wine: Unhandled page fault on write access to 0x00000077 at address 0x7bc432b2 (thread 0037), starting debugger...
At this point, I also get the following SELinux alert:
Summary:
SELinux is preventing ntlm_auth (winbind_helper_t) "read write" to /dev/snd/controlC0 (sound_device_t).
Detailed Description:
SELinux denied access requested by ntlm_auth. It is not expected that this access is required by ntlm_auth and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access.
Allowing Access:
Sometimes labeling problems can cause SELinux denials. You could try to restore the default system file context for /dev/snd/controlC0,
restorecon -v '/dev/snd/controlC0'
If this does not work, there is currently no automatic way to allow this access. Instead, you can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
Additional Information:
Source Context unconfined_u:unconfined_r:winbind_helper_t :SystemLow-SystemHigh Target Context system_u:object_r:sound_device_t Target Objects /dev/snd/controlC0 [ chr_file ] Source ntlm_auth Source Path /usr/bin/ntlm_auth Port <Unknown> Host localhost.localdomain Source RPM Packages samba-winbind-3.2.3-0.20.fc9 Target RPM Packages Policy RPM selinux-policy-3.3.1-87.fc9 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall_file Host Name localhost.localdomain Platform Linux localhost.localdomain 2.6.25.14-108.fc9.x86_64 #1 SMP Mon Aug 4 13:46:35 EDT 2008 x86_64 x86_64 Alert Count 1 First Seen Thu 18 Sep 2008 06:53:09 PM NZST Last Seen Thu 18 Sep 2008 07:47:46 PM NZST Local ID 3b8729bc-33fb-4f7a-adaf-b42ebc441926 Line Numbers
Raw Audit Messages
host=localhost.localdomain type=AVC msg=audit(1221724066.587:14): avc: denied { read write } for pid=3560 comm="ntlm_auth" path="/dev/snd/controlC0" dev=tmpfs ino=5980 scontext=unconfined_u:unconfined_r:winbind_helper_t:s0-s0:c0.c1023 tcontext=system_u:object_r:sound_device_t:s0 tclass=chr_file
host=localhost.localdomain type=SYSCALL msg=audit(1221724066.587:14): arch=40000003 syscall=11 success=yes exit=0 a0=33f9fe a1=33fadc a2=ffeaea1c a3=ffeb0c9c items=0 ppid=3559 pid=3560 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=pts1 ses=1 comm="ntlm_auth" exe="/usr/bin/ntlm_auth" subj=unconfined_u:unconfined_r:winbind_helper_t:s0-s0:c0.c1023 key=(null)
Please advise if this is a related or a new bug. And whether it is advisable to create a local policy for the SELinux issue.