SELinux
John Austin
ja at jaa.org.uk
Fri Jan 21 14:40:27 UTC 2011
On Fri, 2011-01-21 at 09:34 -0500, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 01/21/2011 09:12 AM, John Austin wrote:
> > On Fri, 2011-01-21 at 08:49 -0500, Daniel J Walsh wrote:
> >> -----BEGIN PGP SIGNED MESSAGE-----
> >> Hash: SHA1
> >>
> >> On 01/21/2011 08:31 AM, John Austin wrote:
> >>> On Fri, 2011-01-21 at 07:42 -0500, Daniel J Walsh wrote:
> >>> On 01/20/2011 05:12 PM, Genes MailLists wrote:
> >>>>>> On 01/20/2011 05:02 PM, Genes MailLists wrote:
> >>>>>>> On 01/20/2011 04:23 PM, Daniel J Walsh wrote:
> >>>>>>>
> >>>>>>>
> >>>>>>> If I want to run google chrome (say)-
> >>>>>>>
> >>>>>>> I tried this:
> >>>>>>>
> >>>>>>> mkdir -p sandbox-home/.config
> >>>>>>> rsync -av ~/.config/google-chrome ~/sandbox-home/.config
> >>>>>>>
> >>>>>>
> >>>>>> (1) Probably relevant - my default proxy is via ssh tunnel ... so I
> >>>>>> guess I need to somehow allow access to those ports on localhost ? Where
> >>>>>> would I do that ?
> >>>>>>
> >>>>>> (2) To avoid this for now - I tried deleting the .config/google-chrome
> >>>>>> so it would be a fresh first time run . same problem ... window starts
> >>>>>> and exits.
> >>>>>>
> >>>>>> Any suggestions ?
> >>>>>>
> >>>>>> thanks!
> >>>>>>
> >>>>>> g
> >>> Lets figure out if this is a chromium problem or something else. Does
> >>>
> >>> sandbox -X xterm
> >>>
> >>> Work?
> >>> Hi
> >>
> >>> Just picking up on this thread - hope I don't confuse the issue
> >>> F14 fully updated
> >>> kdm, XFCE, NFS4 home directories, NIS
> >>
> >>> SElinux Enforcing
> >>
> >>> sandbox -X xterm fails for me
> >>
> >>> troubleshooter shows 3 problems
> >>
> >>> SELinux is preventing /usr/bin/Xephyr from using the signal access on a process
> >>
> >>> SELinux is preventing /usr/bin/Xephyr from search access on the directory /
> >>
> >>> SELinux is preventing /usr/bin/kdm from add_name access on the directory .Xauthority-c
> >>
> >>> ---------------
> >>
> >>> Setting SElinux Permissive still fails with the two Xephyr problems
> >>
> >>> In both cases the display flashes very briefly with a rectangular shape
> >>
> >>> John
> >>
> >> Is your homedir NFS?
> >>
> >>
> >
> > Yes
> >
> > I have
> > global - Support NFS home dirs set true
> >
> > F14 fully updated - today
> >
> > kdm, XFCE, NFS4 home directories, NIS
> >
> > John
> >
> >
> >
> Ok, we have just started supporting NFS in the Rawhide, version. Sorry.
> I am not sure if I will back port it to F14, until I see some testing
> on it. I am concerned about how the kernel will handle bind mounts of
> nfs on nfs.
>
> One of the key features of sandbox is to create new directories in the
> homedir and then bind mount them over ~/ and /tmp. I am not quite sure
> how this will play with NFS and automounter...
>
Many thanks for the info
Looking forward to F15 !
John
More information about the users
mailing list