Edited to show relevant details more clearly:
denied { execute }
exe=/bin/bash
name=java
scontext=user:staff_r:staff_mozilla_t tcontext=system_u:object_r:usr_t
tclass=file
denied { execute_no_trans }
exe=/bin/bash
path=/usr/java/j2re1.4.2_01/bin/java
scontext=user:staff_r:staff_mozilla_t
tcontext=system_u:object_r:usr_t
tclass=file
denied { search }
exe=/usr/java/j2re1.4.2_01/bin/java
name=vm
scontext=user:staff_r:staff_mozilla_t
tcontext=system_u:object_r:sysctl_vm_t
tclass=dir
--
Francis K Shim <francis.shim@xxxxxxxxxxxx>
