mozilla mail not starting under strict policy
Daniel J Walsh
dwalsh at redhat.com
Wed May 18 13:30:34 UTC 2005
Richard Hally wrote:
> when running strict policy on a fully updated rawhide, mozilla mail
> will not start when in enforcing mode of the strict policy.
> Doing a setenforce 0 allows it to start.
> (Note that the avc denied messages are only produce when in premissive
> mode)
> Below are the AVC denied messages:
>
> May 17 12:46:45 new2 kernel: audit(1116348405.108:0): avc: granted {
> setenforce } for scontext=root:sysadm_r:sysadm_t
> tcontext=system_u:object_r:security_t tclass=security
> May 17 12:46:45 new2 dbus: avc: received setenforce notice (enforcing=0)
> May 17 12:46:45 new2 dbus: avc: received setenforce notice (enforcing=0)
> May 17 12:46:56 new2 kernel: audit(1116348416.169:0): avc: denied {
> name_connect } for dest=110 scontext=richard:staff_r:staff_mozilla_t
> tcontext=system_u:object_r:pop_port_t tclass=tcp_socket
> May 17 12:46:56 new2 kernel: audit(1116348416.902:0): avc: denied {
> getattr }
> for name=/ dev=dm-0 ino=2 scontext=richard:staff_r:staff_mozilla_t
> tcontext=system_u:object_r:fs_t tclass=filesystem
> May 17 12:47:45 new2 kernel: audit(1116348465.718:0): avc: granted {
> setenforce } for scontext=root:sysadm_r:sysadm_t
> tcontext=system_u:object_r:security_t tclass=security
> May 17 12:47:45 new2 dbus: avc: received setenforce notice (enforcing=1)
> May 17 12:47:45 new2 dbus: avc: received setenforce notice (enforcing=1)
>
Yes use thunderbird . :^)
Problem is we are trying to lock down Firefox with Mozilla policy, and
mozilla mail is going away. Can you just add a name_connect
rule.
Dan
> HTH
> Richard Hally
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
More information about the selinux
mailing list