From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7

Description of problem:
Privoxy allows users to customize its behaviour via the Web interface. Changes to the configuration are saved in /etc/privoxy/user.action. With the targeted SELinux policy, Privoxy is not allowed to write this file.


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.27.1-2.11

How reproducible:
Always

Steps to Reproduce:
1. Enable the targeted SELinux policy in enforcing mode.
2. Start the privoxy service.
3. Configure your browser to use localhost 8118 as its HTTP proxy.
4. Go to http://config.privoxy.org/edit-actions-list?f=user
5. Add some URL pattern to the first action.


Actual Results:  Privoxy will report that it cannot modify /etc/privoxy/user.action, and /var/log/messages contains this message:

avc:  denied  { write } for  pid=30533 comm="privoxy" name="user.action" dev=dm-0 ino=197288 scontext=root:system_r:privoxy_t tcontext=root:object_r:etc_t tclass=file


Expected Results:  Privoxy should be allowed to modify /etc/privoxy/user.action.


Additional info:

To fix this, I added this to local.fc:

/etc/privoxy/user\.action   --	system_u:object_r:privoxy_rc_t

And this to local.te:

type privoxy_rc_t, file_type;
allow privoxy_t privoxy_rc_t:file { getattr read write };

This should be placed into the respective program files.