Tom London wrote:
Running strict/enforcing, latest Rawhide,
selinux-policy-strict-1.19.8-4
Starting firefox produces:
Dec 1 18:49:33 fedora kernel: audit(1101955773.849:0): avc: denied
{ read } for pid=4652 exe=/usr/lib/firefox-1.0/firefox-bin name=tmp
dev=hda2 ino=4112455 scontext=user_u:user_r:user_mozilla_t
tcontext=system_u:object_r:tmp_t tclass=lnk_file
on attempted read of /usr/tmp (link to /var/tmp)
Should there be a
dontaudit user_mozilla_t tmp_t:lnk_file read;
in mozilla_macros.te ?
No /usr/tmp should no longer be labeled tmp_t but usr_t. Try a
restorecon on it.
