Selinux beating up on Chromium

Daniel J Walsh dwalsh at
Thu Jun 17 20:23:00 UTC 2010

On 06/17/2010 04:00 PM, Jim wrote:
> FC13/KDE
> setroubleshoot: SELinux is preventing
> /usr/lib64/chromium-browser/chrome-sandbox "net_raw" access . For
> complete SELinux messages. run sealert -l
> 68797c25-9748-4ab8-b020-f63a80f543a7
> I run the sealert -l 68797c25-9748-4ab8-b020-f63a80f543a7 and that
> doesn't stop error message.
> In about a hour and a half I get the same error message.

We know about it but do not know what is going on.  We definitely do not 
want to allow the chrome-sandbox raw access to your network.

If you want to shut it up, you can use audit2allow to create a module to 
dontaudit it.

# grep net_raw /var/log/audit/audit.log | audit2allow -D -M mychrome
# semodule -i mycrhome.pp

More information about the users mailing list