lack of AVC denied messages

Richard Hally rhallyx at mindspring.com
Fri Jun 25 02:58:46 UTC 2004


After recent updates Mozilla web browser will not start while in 
enforcing mode. The troubling thing is that it does not produce any avc 
denied messages. Further, after switching to permissive mode, starting 
Mozilla web browser, exiting, generating allow rules from the avc denied 
messages, incorporating them into the policy, doing a 'make reload'  and 
trying  Mozilla  again in enforcing mode it still will not start and 
does not produce and avc denied messages.
Considering that the recommended method for generating policy is to 
"debug it into existence" i.e. run things and look at the avc denied 
messages, this lack of avc denied message indicates there is something 
fundamentally wrong here and indicates a mode of failure we may not have 
considered before.
Or is it just a bug?

Thanks for any help,
Richard Hally

kernel 2.6.7.-1.448
selinux-policy-strict-sources-1.13.8-1
sysklogd-1.4.1-20




More information about the fedora-selinux-list mailing list