Fedora Account System
Red Hat Associate
Red Hat Customer
Description of problem: time->Thu Dec 18 14:40:41 2014 type=PROCTITLE msg=audit(1418910041.134:405): proctitle=2F7573722F62696E2F586570687972002D726573697A6561626C65002D7469746C650053616E64626F782073616E64626F785F7765625F743A73303A633331302C63393139202D2D20202F7573722F62696E2F66697265666F7820002D7465726D696E617465002D73637265656E00313238307831303234002D647069003936 type=SYSCALL msg=audit(1418910041.134:405): arch=c000003e syscall=42 success=no exit=-13 a0=0 a1=7fff469cc5b0 a2=14 a3=106 items=0 ppid=1656 pid=1665 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=1 comm="Xephyr" exe="/usr/bin/Xephyr" subj=unconfined_u:unconfined_r:sandbox_web_t:s0:c310,c919 key=(null) type=AVC msg=audit(1418910041.134:405): avc: denied { connectto } for pid=1665 comm="Xephyr" path=002F746D702F2E5831312D756E69782F5830 scontext=unconfined_u:unconfined_r:sandbox_web_t:s0:c310,c919 tcontext=system_u:system_r:xserver_t:s0-s0:c0.c1023 tclass=unix_stream_socket permissive=0 Version-Release number of selected component (if applicable): selinux-policy-sandbox-3.13.1-103.fc21.noarch selinux-policy-targeted-3.13.1-103.fc21.noarch selinux-policy-3.13.1-103.fc21.noarch policycoreutils-2.3-7.1.fc21.x86_64 policycoreutils-python-2.3-7.1.fc21.x86_64 policycoreutils-sandbox-2.3-7.1.fc21.x86_64 xorg-x11-server-Xephyr-1.16.2.901-1.fc21.x86_64 How reproducible: 100% here Steps to Reproduce: 1. try to run anything in a selinux-sandbox: sandbox -X -t sandbox_x_t xterm Actual results: Xephyr does not start Expected results: sandboxed application Additional info:
Two more things I wanted to add: 1. I upgraded from F20 (installed directly) to F21 using fedup --product=nonproduct. 2. tried restorecon already
*** This bug has been marked as a duplicate of bug 1103622 ***