On 05/24/2011 11:17 AM, Daniel J Walsh wrote:
Well chromium-browser is complaining about
Failed to more to new PID namespace: Operation not permitted
Even in permissive mode. I guess the problem is that chromium can not
run within a sandbox.
If you execute
mkdir -P ~/sandbox/tmp
mkdir -P ~/sandbox/home
seunshare -t ~/sandbox/tmp -h ~/sandbox/home -- /usr/bin/chromium-browser
You will get the error.
I am not sure you can clone within a clone...
--
Right it doesn't work for sure - I had vague recollections someone
(you I think?) saying they might try touch base with the google folks
about co-coordinating to try make selinux sandbox work .. that was a few
months ago ... but dont remember when exactly ...