Announcement the se-sandbox-runner
Daniel J Walsh
dwalsh at redhat.com
Tue Sep 3 13:01:31 UTC 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/31/2013 04:54 AM, Fl at sh wrote:
> On Fri, 30 Aug 2013 16:07:43 -0400 Daniel J Walsh <dwalsh at redhat.com>
> wrote:
>
> ...
>>>
>> Try it in permissive mode.
>>
>
> Unfortunately, does not work in this mode too. :(
>
> $ ls -Z . | grep 456 drwxrwxr-x. Flash Flash
> unconfined_u:object_r:sandbox_file_t:s0:c123,c456 Example_HOME drwxrwxr-x.
> Flash Flash unconfined_u:object_r:sandbox_file_t:s0:c123,c456 Example_TMP $
> su -c getenforce Permissive $ /usr/bin/sandbox -s -d 96 -l s0:c123,c456 -X
> -H /home/Flash/Example_HOME -T /home/Flash/Example_TMP -I
> /home/Flash/.config/se-sandbox-runner/tyututiu_90.included -W kwin -w
> 1000x700 -t sandbox_x_t -S
>
> blink X-window, then nothing... $
>
Probably a problem with running full gnomes session within a Xephyr window.
If I have time, I will take a look at it. I would hope you could run simpler
window sessions there. Not sure if -W metacity would have any effect.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlIl3aoACgkQrlYvE4MpobNHdwCgnImEqlV3SVibTcqC0iR2k4To
dpoAoIjJgt+qBmsgdiC0wfw3ZD9FKcZs
=FqrX
-----END PGP SIGNATURE-----
More information about the selinux
mailing list