-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 08/30/2013 02:31 PM, Fl@sh wrote: > On Fri, 30 Aug 2013 09:39:50 -0400 Daniel J Walsh <dwalsh@xxxxxxxxxx> > wrote: > >> Have not done it for a while. You have to label the home dir and tmp dir >> with the same label as you are going to run. Then you might need an >> improved type to get it to start. > > I`m done: > > # chcon -t sandbox_file_t -l s0:c123,c456 /home/Flash/Example_HOME # chcon > -t sandbox_file_t -l s0:c123,c456 /home/Flash/Example_TMP $ ls -Z . | grep > 123 -rw-rw-r--. Flash Flash unconfined_u:object_r:user_home_t:s0 123 > drwxrwxr-x. Flash Flash unconfined_u:object_r:sandbox_file_t:s0:c123,c456 > Example_HOME drwxrwxr-x. Flash Flash > unconfined_u:object_r:sandbox_file_t:s0:c123,c456 Example_TMP > > $ /usr/bin/sandbox -s -d 96 -l s0:c123,c456 -X -H /home/Flash/Example_HOME > -T /home/Flash/Example_TMP -I > /home/Flash/.config/se-sandbox-runner/tyututiu_90.included -W kwin -w > 1000x700 -t sandbox_x_t -S > > blink X-window, then nothing... $ > > What i do not so? And what this -- "an IMPROVED TYPE to get it to start" ? > Try it in permissive mode. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlIg+48ACgkQrlYvE4MpobP37ACgpYfQxX1Jx8zRKFPAwJYKC6vR ZGEAoLFRyplUn3UkzKNuaREbZeBvPo+L =sKr5 -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
