3

nm�a
�@sTdd
lZej
ddd�Z
e
jZddlTddlmZ
dd
lZdd
lZGdd�de�Zd
S)	�Nzsetroubleshoot-pluginsT)
Zfallback)
�
*)
�Pluginc@sLeZ
dZed
�
Zed�
Zed�
ZdZed�
Zed�
Z	dZ
dd	�Zd
d�ZdS)
�pluginzS
    SELinux has prevented vbetool from performing an unsafe memory operation.
    a�

SELinux denied an operation requested by $SOURCE, a program used
to alter video hardware state.  This program is known to use
an unsafe operation on system memory but so are a number of
malware/exploit programs which masquerade as vbetool.  This tool is used to
reset video state when a machine resumes from a suspend.  If your machine
is not resuming properly your only choice is to allow this
operation and reduce your system security against such malware.

    z�
If you decide to continue to run the program in question you will need
to allow this operation.  This can be done on the command line by
executing:

# setsebool -P mmap_low_allowed 1
z)/usr/sbin/setsebool -P mmap_low_allowed 1zfIf you want to ignore this AVC because it is dangerous and your machine seems to be working correctly.zRyou must tell SELinux about this by enabling the vbetool_mmap_zero_ignore boolean.z)# setsebool -P vbetool_mmap_zero_ignore 1c

Cs tj
|t�
d
|_td�
|_dS)NTzTurn off memory protection)r�__init__�__name__Zfixable�
_Zbutton_text)
�self�r	�,/usr/share/setroubleshoot/plugins/vbetool.pyr;s


zplugin.__init__cCs6|
jd
g
�
r2|
j
dg
�
r2tj|
j�
jdkr2|j�SdS)NZ	mmap_zeroZ	vbetool_tr
)Zhas_any_access_inZmatches_source_types�os�statZspath�st_uidZreport)rZavcr	r	r
�analyze@s




zplugin.analyzeN)
r�
__module__�__qualname__rZsummaryZproblem_descriptionZfix_descriptionZfix_cmdZif_textZ	then_textZdo_textrrr	r	r	r
rs
	

r)	�gettextZtranslationrZsetroubleshoot.utilZsetroubleshoot.Pluginr�rerrr	r	r	r
�<module>s