Jimmy wrote:
Hi!
Im trying to learn SELinux from bottom up, but having some fundamental
issues regarding the basics.
Im trying to load the mozilla.pp module in targeted, which works fine.
I set the correct contexts with restorecon on firefox-bin. But when i
run the binary it stills runs in unconfined_t when looking at running
processes (ps auxZ).
Ivé tried to compile it myself from different sources, and load it,
but get the same results all the time. Then i tried with netutils.pp
and discovered the same problem witrh ping.
Why doesnt firefox get transfered to the $1_mozilla_t domain??? I know
im making some really fundamental mistake somewhere, but i cant find
out what it is!
With best regards / Tomten
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
You need to write a transition rule from unconfined_t to mozilla_t
Something like
mozilla_per_role_template(user, unconfined_t, system_r)
But there is a bug in policy right now
gen_require(`
type mozilla_exec_t;
type mozilla_conf_t;
')
Needs to be added to the mozilla_per_role_template interface definition.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
