[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
Re: miss-match between needs and setroubleshooter's output recommendations
- From: Craig White <craigwhite azapple com>
- To: fedora-selinux-list redhat com
- Subject: Re: miss-match between needs and setroubleshooter's output recommendations
- Date: Mon, 07 Jan 2008 18:17:25 -0700
On Mon, 2008-01-07 at 11:52 -0500, Daniel J Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Gene Heskett wrote:
> > Greetings;
> >
> > I have now been in the center ring of this circus about long enough. selinux
> > is about to get made permissive or disabled.
> >
> > I have now issued these commands:
> >
> > [root coyote ~]# semanage fcontext -a -t
> > textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so
> > [root coyote ~]# chcon -t textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so
> > [root coyote ~]# semanage fcontext -a -t
> > textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so
> > [root coyote ~]# chcon -t textrel_shlib_t /root/.mozilla/plugins/vorbisrend.so
> >
> > Twice as can be seen, and restarted firefox each time, and each time selinux
> > denies firefox a plugin it needs to pay this site:
> > <http://ed-tharp.kicks-ass.org/ridingmower.mpg>
> >
> > I now have the third denial showing in the setroubleshooter's screen.
> > -----------------
> >
> > How can I fix this?
> >
> > Thanks.
> >
> Please attach the AVC messages from /var/log/audit/audit.log
>
> This looks like you could be running Firefox as root, which is a bad idea.
>
> ausearch -m avc
>
> Will grab all of the avc messages.
----
let me assure you that he indeed runs firefox as root. We've been down
that road (bad idea) on fedora-list
Craig
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]