miss-match between needs and setroubleshooter's output recommendations
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1 Gene Heskett wrote: > Greetings; > > I have now been in the center ring of this circus about long enough. selinux > is about to get made permissive or disabled. > > I have now issued these commands: > > [root@coyote ~]# semanage fcontext -a -t > textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > [root@coyote ~]# chcon -t textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > [root@coyote ~]# semanage fcontext -a -t > textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > [root@coyote ~]# chcon -t textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > > Twice as can be seen, and restarted firefox each time, and each time selinux > denies firefox a plugin it needs to pay this site: > <http://ed-tharp.kicks-ass.org/ridingmower.mpg> > > I now have the third denial showing in the setroubleshooter's screen. > ----------------- > > How can I fix this? > > Thanks. > Please attach the AVC messages from /var/log/audit/audit.log This looks like you could be running Firefox as root, which is a bad idea. ausearch -m avc Will grab all of the avc messages. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkeCWL0ACgkQrlYvE4MpobMX5ACg46tN7VjBjP ApAAfE1J9mipNp J8sAn2YrQDBqssOrPNz10gmM1rF+pJyf =dcGv -----END PGP SIGNATURE----- -- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list |
miss-match between needs and setroubleshooter's output recommendations
On Mon, 2008-01-07 at 11:52 -0500, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Gene Heskett wrote: > > Greetings; > > > > I have now been in the center ring of this circus about long enough. selinux > > is about to get made permissive or disabled. > > > > I have now issued these commands: > > > > [root@coyote ~]# semanage fcontext -a -t > > textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > > [root@coyote ~]# chcon -t textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > > [root@coyote ~]# semanage fcontext -a -t > > textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > > [root@coyote ~]# chcon -t textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so > > > > Twice as can be seen, and restarted firefox each time, and each time selinux > > denies firefox a plugin it needs to pay this site: > > <http://ed-tharp.kicks-ass.org/ridingmower.mpg> > > > > I now have the third denial showing in the setroubleshooter's screen. > > ----------------- > > > > How can I fix this? > > > > Thanks. > > > Please attach the AVC messages from /var/log/audit/audit.log > > This looks like you could be running Firefox as root, which is a bad idea. > > ausearch -m avc > > Will grab all of the avc messages. ---- let me assure you that he indeed runs firefox as root. We've been down that road (bad idea) on fedora-list Craig -- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list |
| All times are GMT. The time now is 09:48 AM. |
VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.