sound within sandbox_web_t type and permissive type sandbox_web_client_t
Christoph A.
casmls at gmail.com
Mon Jun 21 10:42:34 UTC 2010
Hi,
I can remember that while using F12 I had sound within sandbox_web_t
running firefox. Since I'm using F13 sound within the sandbox
disappeared and while running a sandbox I constantly (every 20 seconds)
get abrt notifications that pulsaudio crashed.
pulseaudio version:
pulseaudio-0.9.21-6.fc13
audit.log contains following lines:
type=ANOM_ABEND msg=audit(1277115690.389:210): auid=500 uid=500 gid=500
ses=1 subj=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c633,c897
pid=5913 comm="pulseaudio" sig=6
type=ANOM_ABEND msg=audit(1277115695.613:211): auid=500 uid=500 gid=500
ses=1 subj=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c633,c897
pid=5924 comm="pulseaudio" sig=6
type=ANOM_ABEND msg=audit(1277115700.998:212): auid=500 uid=500 gid=500
ses=1 subj=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c633,c897
pid=5936 comm="pulseaudio" sig=6
type=ANOM_ABEND msg=audit(1277115706.240:213): auid=500 uid=500 gid=500
ses=1 subj=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c633,c897
pid=5947 comm="pulseaudio" sig=6
[...]
Is someone experiencing the same problem?
If needed I can add the pulseaudio abrt backtrace.
My second question also regarding sandboxes:
This is an AVC I frequently come across:
type=AVC msg=audit(1277029467.183:2147): avc: denied { read write } for
pid=3038 comm="gvfs-fuse-daemo" name="fuse" dev=devtmpfs ino=9048
scontext=unconfined_u:unconfined_r:sandbox_web_client_t:s0:c503,c936
tcontext=system_u:object_r:fuse_device_t:s0 tclass=chr_file
The troubleshooter tells me that this type is running in permissive
mode. Is this supposed to be like that (default) or is this a
misconfiguration on my side?
[gvfs-fuse-daemo has a permissive type (sandbox_web_client_t). This
access was not denied.]
kind regards,
Christoph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 163 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20100621/f2610dae/attachment.bin
More information about the selinux
mailing list