error :: chrome's global requirements were not met

Adrian Sevcenco Adrian.Sevcenco at cern.ch
Fri Feb 11 21:37:48 UTC 2011


Hi! I try to add a policy for chrome for allowing read access for stuff
from LD_LIBRARY_PATH
and i done this :
[root at sev selinux]# cat chrome.audit | audit2allow -M chrome
******************** IMPORTANT ***********************
To make this policy package active, execute:

semodule -i chrome.pp

[root at sev selinux]# semodule -i chrome.pp
libsepol.print_missing_requirements: chrome's global requirements were
not met: type/attribute chrome_sandbox_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file or
directory).
semodule:  Failed!

with this :

[root at sev selinux]# cat chrome.audit
type=AVC msg=audit(1297435306.238:20321): avc:  denied  { read } for
pid=22631 comm="chrome" name="clhep" dev=sda5 ino=8195388
scontext=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023
tcontext=unconfined_u:object_r:user_home_t:s0 tclass=lnk_file
type=SYSCALL msg=audit(1297435306.238:20321): arch=c000003e syscall=2
success=no exit=-2 a0=7fffb3534570 a1=0 a2=0 a3=2f7065686c632f70 items=0
ppid=0 pid=22631 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500
egid=500 sgid=500 fsgid=500 tty=(none) ses=7 comm="chrome"
exe="/opt/google/chrome/chrome"
subj=unconfined_u:unconfined_r:chrome_sandbox_t:s0-s0:c0.c1023 key=(null)

the sym link in question have this properties:

adrian at sev: ~ $ ls -lZ /home/physics-tools/clhep/clhep
lrwxrwxrwx. adrian adrian unconfined_u:object_r:user_home_t:SystemLow
/home/physics-tools/clhep/clhep -> /home/physics-tools/clhep/2.1.0.0/


anybody any idea about the problem?
Thanks!
Adrian

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3110 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20110211/2788cc01/attachment.bin 


More information about the selinux mailing list