The latest chrome from Google was just installed on F18 (Version 28.0.1500.45)
It causes AVC ....
type=SYSCALL msg=audit(1371510820.873:4036): arch=c000003e syscall=56 success=yes
exit=7579 a0=60000011 a1=0 a2=0 a3=0 items=0 ppid=7569 pid=7575 auid=1001 uid=1001
gid=1001 euid=0 suid=0 fsuid=0 egid=1001 sgid=1001 fsgid=1001 ses=6 tty=(none)
comm="chrome-sandbox" exe="/opt/google/chrome/chrome-sandbox"
subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(1371510821.165:4037): avc: denied { create } for pid=7579
comm="chrome" name="libpeerconnection.log"
scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:user_home_dir_t:s0 tclass=file
type=SYSCALL msg=audit(1371510821.165:4037): arch=c000003e syscall=2 success=no exit=-13
a0=7f8c1b51e738 a1=441 a2=1b6 a3=ffffe000 items=0 ppid=0 pid=7579 auid=1001 uid=1001
gid=1001 euid=1001 suid=1001 fsuid=1001 egid=1001 sgid=1001 fsgid=1001 ses=6 tty=(none)
comm="chrome" exe="/opt/google/chrome/chrome"
subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)
The suggestion in the troubleshooter fails so....
[root@meimei tmp]# grep chrome /var/log/audit/audit.log | audit2allow -M chrome
******************** IMPORTANT ***********************
To make this policy package active, execute:
semodule -i chrome.pp
[root@meimei tmp]# semodule -i chrome.pp
libsepol.print_missing_requirements: chrome's global requirements were not met:
type/attribute chrome_sandbox_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or directory).
semodule: Failed!
Suggestion as to how to fix?
--
The only thing worse than a poorly asked question is a cryptic answer.