firefox and /usr/tmp
Daniel J Walsh
dwalsh at redhat.com
Thu Dec 2 13:47:07 UTC 2004
Tom London wrote:
>Running strict/enforcing, latest Rawhide,
>selinux-policy-strict-1.19.8-4
>
>Starting firefox produces:
>
>Dec 1 18:49:33 fedora kernel: audit(1101955773.849:0): avc: denied
>{ read } for pid=4652 exe=/usr/lib/firefox-1.0/firefox-bin name=tmp
>dev=hda2 ino=4112455 scontext=user_u:user_r:user_mozilla_t
>tcontext=system_u:object_r:tmp_t tclass=lnk_file
>
>on attempted read of /usr/tmp (link to /var/tmp)
>
>Should there be a
>dontaudit user_mozilla_t tmp_t:lnk_file read;
>
>in mozilla_macros.te ?
>
>
No /usr/tmp should no longer be labeled tmp_t but usr_t. Try a
restorecon on it.
More information about the fedora-selinux-list
mailing list