Firefox on strict policy

[Ken]

Thanks for the suggestion, but it was not labeling.  It appears to have 
had something to do with mls, although I have not had the time to figure 
out exactly what.  I changed all the mls levels to s0 and the problem 
went away.  It sure would be nice if there were a feature to disable all 
"dontaudit" statements for policy debugging.

-Ken-

Daniel J Walsh wrote:
> Ken wrote:
>> I am attempting to get a strict policy working on my FC-6 system 
>> (version 2.4.3-2.fc6).  I have successfully created a user account,  
>> and I can log both the root and the user account into the GUI.  I am 
>> attempting to get Firefox to work and I am having difficulties.  If I 
>> click on the Firefox icon, I see the program listed as opening, and 
>> it stays that way for a few seconds and then disappears.  If I check 
>> the message log (var/log/messages), there are no messages (either avc 
>> or other) generated as a result of the attempt. This only happens 
>> when the policy is enforcing.  When the policy is is not enforcing, 
>> Firefox loads properly -- also with no messages.  I have noticed that 
>> Firefox is not writing to its .mozilla folder when the policy is 
>> enforcing, and that it does write to several files in this folder 
>> when it loads properly.  This problem affects both my user account 
>> and the root account.  Can someone please explain why I am not 
>> receiving any error messages (or any messages at all), and let me 
>> know what needs to be changed in order to load Firefox?
>>
>> -- 
>> fedora-selinux-list mailing list
>> fedora-selinux-list at redhat.com
>> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
> check /var/log/audit/audit.log for avc messages.
>
> I would guess you have a labeling problem on your home dir.
>
> restorecon -R -v ~/
>