I need the following to get firefox to run in mozilla_t. I'm not sure
if the current behavior is intended (running it in user_t).
--
Eamon Walsh<[email protected]>
National Security Agency
-------------- next part --------------
A non-text attachment was scrubbed...
Name: refpolicy_mozilla_exec_fix.patch
Type: text/x-patch
Size: 1377 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20090828/af194a33/attachment.bin
On Fri, 2009-08-28 at 20:17 -0400, Eamon Walsh wrote:
> I need the following to get firefox to run in mozilla_t. I'm not
> sure
> if the current behavior is intended (running it in user_t).
This doesn't apply. It looks like you're still using an svn checkout,
rather than git.
>
>
>
>
>
>
> differences
> between files
> attachment
> (refpolicy_mozilla_exec_fix.patch)
>
> Index: kernel/corecommands.fc
> ===================================================================
> --- kernel/corecommands.fc (revision 3012)
> +++ kernel/corecommands.fc (working copy)
> @@ -156,7 +156,6 @@
> /usr/lib/ccache/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
> /usr/lib/pgsql/test/regress/.*\.sh
> -- gen_context(system_u:object_r:bin_t,s0)
> /usr/lib/qt.*/bin(/.*)? gen_context(system_u:object_r:bin_t,s0)
> -/usr/lib(64)?/[^/]*firefox[^/]*/firefox --
> gen_context(system_u:object_r:bin_t,s0)
> /usr/lib(64)?/apt/methods.+ -- gen_context(system_u:object_r:bin_t,s0)
> /usr/lib(64)?/ConsoleKit/scripts(/.*)? gen_context(system_u:object_r:bin_t,s0)
> /usr/lib(64)?/ConsoleKit/run-session.d(/.*)?
> gen_context(system_u:object_r:bin_t,s0)
> Index: apps/mozilla.fc
> ===================================================================
> --- apps/mozilla.fc (revision 3012)
> +++ apps/mozilla.fc (working copy)
> @@ -28,4 +28,5 @@
> /usr/lib(64)?/mozilla[^/]*/reg.+
> -- gen_context(system_u:object_r:mozilla_exec_t,s0)
> /usr/lib(64)?/mozilla[^/]*/mozilla-.* --
> gen_context(system_u:object_r:mozilla_exec_t,s0)
> /usr/lib(64)?/firefox[^/]*/mozilla-.* --
> gen_context(system_u:object_r:mozilla_exec_t,s0)
> +/usr/lib(64)?/[^/]*firefox[^/]*/firefox --
> gen_context(system_u:object_r:mozilla_exec_t,s0)
> /usr/lib(64)?/[^/]*firefox[^/]*/firefox-bin --
> gen_context(system_u:object_r:mozilla_exec_t,s0)
>
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
On 09/03/2009 08:58 AM, Christopher J. PeBenito wrote:
> On Fri, 2009-08-28 at 20:17 -0400, Eamon Walsh wrote:
>
>> I need the following to get firefox to run in mozilla_t. I'm not
>> sure
>> if the current behavior is intended (running it in user_t).
>>
> This doesn't apply. It looks like you're still using an svn checkout,
> rather than git.
>
>
Whoa, I didn't get the memo on that. Thanks.
--
Eamon Walsh<[email protected]>
National Security Agency