looking into using runcon
it seems I'm confronted with an
avc, that just keeps showing up:
allow staff_t user_t:process { siginh rlimitinh transition noatsecure };
(even after adding this to the policy).
What I'm doing is this:
runcon name:user_r:user_t:s0-s0:c0.c255 firefox
the initial role I'm in is staff_r(transitioning to user_r for
firefox to run in)
Does this seem like the right thing to do,
or do I need to use newrole -r *
for something like firefox?
--
Justin P. Mattock
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
