F14, google-chrome won't launch after yum update [SOLVED]

[jackson byers]

Daniel J Walsh replied

>My goal is not to get into the blame game, but google-chrome requires
>some strange access that I have never seen an app need before.
>Basically an application chrome-sandbox needing to load the the
>executable (not shared library) chrome which was not compiled with
>PIC.  The latest chrome browser from beta release requires mmap_zero,
>which is a very dangerous access that we will not give.

>If you do not want SELinux controlling chrome-sandbox you can turn off
>the boolean unconfined_chrome_sandbox_transition

>setsebool -P unconfined_chrome_sandbox_transition 0

-
[root at f14 ~]# setsebool -P unconfined_chrome_sandbox_transition 0
libsemanage.dbase_llist_set: record not found in the database (No such
file or directory).
libsemanage.dbase_llist_set: could not set record value (No such file
or directory).
Could not change boolean unconfined_chrome_sandbox_transition
Could not change policy booleans

so that failed; all greek to me.


>> http://fedoraproject.org/wiki/Chromium
>The link above has a version of chrome, specially built for Fedora
>which should work fine with SELinux.

    Daniel, I will keep this as a fallback solution

-------
Lancebaynes87 replied

>give this out with root:
>semanage fcontext -a  -s system_u  -t usr_t /opt/google/chrome/chrome-sandbox
>restorecon -v /opt/google/chrome/chrome-sandbox


[root at f14 ~]# restorecon -v /opt/google/chrome/chrome-sandbox
restorecon reset /opt/google/chrome/chrome-sandbox context
system_u:object_r:chrome_sandbox_exec_t:s0->system_u:object_r:usr_t:s0

Now, chrome comes up!


Thanks to Daniel for the explanation, even tho my understanding is weak-to-nil.

Thanks to Lance for the fix!

Jack