Bug 186157

Summary: Selinux prevents f-spot from launching a browser when authorizing Flickr access
Product: [Fedora] Fedora Reporter: Trond Danielsen <trond.danielsen>
Component: selinux-policy-targetedAssignee: Russell Coker <rcoker>
Status: CLOSED WORKSFORME QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5CC: sundaram
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-06-16 02:39:03 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Trond Danielsen 2006-03-21 22:08:38 UTC 
Description of problem:
Selinux prevents f-spot from launching a browser when authorizing Flickr access. 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1. Export photo from f-spot to Flickr.
2. Press Authorize!
3. F-spot opens an error message.
  
Actual results:
Authorization fails.

Expected results:
Authorization completed.

Additional info:
F-spot returns the following error message:
--
Startup failed because of the following error:
An SELinux policy prevents this sender from sending this message to this
recipient (rejected message had interface "org.freedesktop.DBus" member "Hello"
error name "(unset)" destination "org.freedesktop.DBus")
--
Comment 1 Rahul Sundaram 2006-03-24 17:38:15 UTC 

SELinux policies are centrally managed. So filing it against SELinux policy
package is better. Reassigning.

Can you post the AVC denied messages from /var/log/messages or /var/log/audit
(if you are running the audit deamon)?

Thanks.
Comment 2 Trond Danielsen 2006-03-28 10:48:16 UTC 
Sorry, no msg in neither /var/log/messages or /var/log/audit.
Comment 3 Daniel Walsh 2006-03-28 13:19:41 UTC 
Are you sure this is an SELinux problem?

If you run setenforce 0, does the command succeed?


If it does, could you load the following policy and then try the command with
setenforce 0

semodule -b /usr/share/selinux/targeted/enableaudit.pp

setenforce 0
run your command
semodule -b /usr/share/selinux/targeted/base.pp

to turn off additional audit messages.
Comment 4 Trond Danielsen 2006-05-25 18:11:20 UTC 
I think the bug can be closed, it is working now. I think the problem was that I
was using epiphany as the default browser at the time. I have tested with both
firefox and epiphany, and everything works now.