On 05/24/2011 11:17 AM, Daniel J Walsh wrote: > Well chromium-browser is complaining about > > Failed to more to new PID namespace: Operation not permitted > > Even in permissive mode. I guess the problem is that chromium can not > run within a sandbox. > > If you execute > > mkdir -P ~/sandbox/tmp > mkdir -P ~/sandbox/home > seunshare -t ~/sandbox/tmp -h ~/sandbox/home -- /usr/bin/chromium-browser > > You will get the error. > > I am not sure you can clone within a clone... > -- > Right it doesn't work for sure - I had vague recollections someone (you I think?) saying they might try touch base with the google folks about co-coordinating to try make selinux sandbox work .. that was a few months ago ... but dont remember when exactly ... -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
