On 06/23/2011 06:29 AM, GSO wrote:
> This thread went offline, however to bring things back online, it
> appears at least the binary download (running on SL6) of Firefox 5 just
> released does not work in the sandbox either. The SELinux audit
> messages are:
>
> Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
> class dir not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
> dir not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
> class lnk_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission open in class
> lnk_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
> lnk_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
> class chr_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
> class blk_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
> blk_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
> class sock_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
> sock_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
> class fifo_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
> fifo_file not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: Permission syslog in class
> capability2 not defined in policy.
> Jun 22 21:40:22 localhost kernel: SELinux: the above unknown classes and
> permissions will be allowed
> Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
> Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
> Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
> Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
> Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
> Jun 22 21:40:24 localhost dbus: [system] Reloaded configuration
>
> The sandbox window starts up but crashes before any sign of FF
> materialises, works fine in permissive mode or unsandboxed otherwise.
> I've put the FF binaries in /opt.
>
> On 19 June 2011 17:53, Dominick Grift <
domg472@gmail.com