FC5, selinux and acroread
Gene Heskett
gene.heskett at verizon.net
Sun Apr 23 10:27:46 UTC 2006
Greetings;
Let me phrase this differently this time.
Selinux is, when in the enforcing mode, denying acrobat to run,
returning this error:
Apr 23 05:11:10 diablo kernel: audit(1145783470.557:3): avc: denied
{ execmod } for pid=2354 comm="acroread" name="libJP2K.so" dev=hda5
ino=9886986 scontext=root:system_r:unconfined_t:s0-s0:c0.c255
tcontext=system_u:object_r:lib_t:s0 tclass=file
Apr 23 05:12:02 diablo kernel: audit(1145783522.332:4): avc: denied
{ execmod } for pid=2391 comm="firefox-bin" name="nppdf.so" dev=hda5
ino=9821380 scontext=root:system_r:unconfined_t:s0-s0:c0.c255
tcontext=root:object_r:lib_t:s0 tclass=file
However, set it for permissive & reboot, and all is happy.
So how do we go about clearing acrobats ability to run with selinux when
it is in the enforcing mode?
--
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules. I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.
More information about the users
mailing list