Re: SELinux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 01/21/2011 09:12 AM, John Austin wrote:
> On Fri, 2011-01-21 at 08:49 -0500, Daniel J Walsh wrote:
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA1
>>
>> On 01/21/2011 08:31 AM, John Austin wrote:
>>> On Fri, 2011-01-21 at 07:42 -0500, Daniel J Walsh wrote:
>>> On 01/20/2011 05:12 PM, Genes MailLists wrote:
>>>>>> On 01/20/2011 05:02 PM, Genes MailLists wrote:
>>>>>>> On 01/20/2011 04:23 PM, Daniel J Walsh wrote:
>>>>>>>
>>>>>>>
>>>>>>>   If I want to run google chrome (say)-
>>>>>>>
>>>>>>>   I tried this:
>>>>>>>
>>>>>>>    mkdir -p sandbox-home/.config
>>>>>>>    rsync -av ~/.config/google-chrome ~/sandbox-home/.config
>>>>>>>
>>>>>>
>>>>>>   (1) Probably relevant - my default proxy is via ssh tunnel ... so I
>>>>>> guess I need to somehow allow access to those ports on localhost ? Where
>>>>>> would I do that ?
>>>>>>
>>>>>>   (2) To avoid this for now - I tried deleting the .config/google-chrome
>>>>>> so it would be a fresh first time run . same problem ... window starts
>>>>>> and exits.
>>>>>>
>>>>>>   Any suggestions ?
>>>>>>
>>>>>>   thanks!
>>>>>>
>>>>>>  g
>>> Lets figure out if this is a chromium problem or something else.  Does
>>>
>>> sandbox -X xterm
>>>
>>> Work?
>>> Hi
>>
>>> Just picking up on this thread - hope I don't confuse the issue
>>> F14 fully updated
>>> kdm, XFCE, NFS4 home directories, NIS
>>
>>> SElinux Enforcing
>>
>>> sandbox -X xterm	fails for me
>>
>>> troubleshooter shows 3 problems
>>
>>> SELinux is preventing /usr/bin/Xephyr from using the signal access on a process
>>
>>> SELinux is preventing /usr/bin/Xephyr from search access on the directory /
>>
>>> SELinux is preventing /usr/bin/kdm from add_name access on the directory .Xauthority-c
>>
>>> ---------------
>>
>>> Setting SElinux Permissive still fails with the two Xephyr problems
>>
>>> In both cases the display flashes very briefly with a rectangular shape
>>
>>> John
>>
>> Is your homedir NFS?
>>
>>
> 
> Yes
> 
> I have
> global - Support NFS home dirs set true
> 
> F14 fully updated - today
> 
> kdm, XFCE, NFS4 home directories, NIS
> 
> John
> 
> 
> 
Ok, we have just started supporting NFS in the Rawhide, version.  Sorry.
 I am not sure if I will back port it to F14, until I see some testing
on it.  I am concerned about how the kernel will handle bind mounts of
nfs on nfs.

One of the key features of sandbox is to create new directories in the
homedir and then bind mount them over ~/ and /tmp.  I am not quite sure
how this will play with NFS and automounter...


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAk05mV4ACgkQrlYvE4MpobPEcACfY/zv+OTNPyFjUjvchWrmyRrD
RgAAnRpf/RebXQ/bv+wPajEc6Rwq7pVR
=TzzP
-----END PGP SIGNATURE-----
-- 
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux