Created attachment 808583 [details] raw avc denials Description of problem: Selinux is preventing staff_u from using audio. Version-Release number of selected component (if applicable): I found the problem with aucacuious How reproducible: Steps to Reproduce: 1. selinux enabled 2. confine user(s) as staff_u 3. attempt to run audacity Actual results: Audacity does not run Expected results: Audacity runs and I can play music files Additional info: Attaching raw avc denials myaudacious.te : module myaudacious 1.0; require { type staff_t; type unconfined_t; class unix_stream_socket connectto; } #============= staff_t ============== allow staff_t unconfined_t:unix_stream_socket connectto;
note: user_u do not have this problem, only staff_u
No it would not work either. The problem here is the audio server is running as unconfined_t. Did you start it outside of the service script?
I believe this problem happens if you switch from unconfined_u to staff_u.
Thank you both for looking at this report. I installed Fedora 20 (alpha) and confined my users (user_u and one staff_u). It is the xcfe spin and the audio server was started automatically, I believe at log in. At any rate, no, I did not start the server manually. user_u can use audio without any problem. only staff_u had a problem with the audio server.
bodhi. Bottom line, if you switched to staff_u and then rebooted it would not have happened. Perhaps you had a left over process running as unconfined_t (Pulseaudio?) that staff_t was trying to communicate with.
Thank you once again for your patience Daniel, rebooting indeed resolved the issue.