From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041228 Firefox/1.0 Fedora/1.0-8 Description of problem: Lots of denials: denied { write remove_name add_name } user_tmp_t:dir (/tmp/orbit-user) denied { write unlink create } user_tmp_t:sock_file (/tmp/orbit-user/*) For example, audit(1107990691.069:0): avc: denied { create } for pid=20857 exe=/usr/lib/firefox-1.0/firefox-bin name=linc-5179-0-4d24a7261151d scontext=user_u:user_r:user_mozilla_t tcontext=user_u:object_r:user_tmp_t tclass=sock_file Version-Release number of selected component (if applicable): selinux-policy-strict-1.21.11-2 How reproducible: Didn't try Steps to Reproduce: Additional info:
Does this fix the problem? --- mozilla_macros.te~ 2005-02-09 15:32:21.000000000 -0500 +++ mozilla_macros.te 2005-02-10 10:01:06.000000000 -0500 @@ -85,6 +85,7 @@ dontaudit $1_mozilla_t $1_home_t:file setattr; } file_type_auto_trans($1_mozilla_t, tmp_t, $1_mozilla_rw_t) +file_type_auto_trans($1_mozilla_t, $1_tmp_t, $1_mozilla_rw_t) if (mozilla_writehome) { file_type_auto_trans($1_mozilla_t, $1_home_t, $1_mozilla_rw_t)
No, because it is writing to existing sockets and not creating them. If I erase them all they come back on reboot.
Well, since it was added back, I'm closing the bug.