-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 06/23/2011 06:29 AM, GSO wrote:
This thread went offline, however to bring things back online, it
appears at least the binary download (running on SL6) of Firefox 5 just
released does not work in the sandbox either. The SELinux audit
messages are:
Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
class dir not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
dir not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
class lnk_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission open in class
lnk_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
lnk_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
class chr_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
class blk_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
blk_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
class sock_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
sock_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission audit_access in
class fifo_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission execmod in class
fifo_file not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: Permission syslog in class
capability2 not defined in policy.
Jun 22 21:40:22 localhost kernel: SELinux: the above unknown classes and
permissions will be allowed
Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
Jun 22 21:40:24 localhost dbus: avc: received policyload notice (seqno=5)
Jun 22 21:40:24 localhost dbus: [system] Reloaded configuration
The sandbox window starts up but crashes before any sign of FF
materialises, works fine in permissive mode or unsandboxed otherwise.
I've put the FF binaries in /opt.
On 19 June 2011 17:53, Dominick Grift <domg472(a)gmail.com
<mailto:domg472@gmail.com>> wrote:
On Sun, 2011-06-19 at 13:57 +0100, GSO wrote:
> The default build using the google repos results in chromium
grinding to a
> halt with a black window when run in a sandbox. Is it technically
possible
> to run chrome in a sandbox, would building from source fix this at
all?
I do not think it will work since both sandbox an chrome use namespace
and chrome cant run if sandbox already runs in a namespace (or something
along those lines is my understanding if this issue)
> --
> selinux mailing list
> selinux(a)lists.fedoraproject.org
<mailto:selinux@lists.fedoraproject.org>
>
https://admin.fedoraproject.org/mailman/listinfo/selinux
--
selinux mailing list
selinux(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
I looked for firefox5 x86_64 and did not quickly find it, if you know
where there is a link, I will look into what is going on, otherwise I
will wait until Fedora Packages it. It does seem strange that you are
getting those
Permission audit_access in class sock_file not defined in policy.
errors, What OS are you using? What kernel?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
iEYEARECAAYFAk4DMBcACgkQrlYvE4MpobMJCACgy6ZiWfFmuOIjpeyAC/aIUTi0
fZkAnRadq7pW+O1/DKN35gvhfPblbuxm
=yBK/
-----END PGP SIGNATURE-----