From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.7.12) Gecko/20050922 Fedora/1.0.7-1.1.fc4 Firefox/1.0.7 Description of problem: Privoxy allows users to customize its behaviour via the Web interface. Changes to the configuration are saved in /etc/privoxy/user.action. With the targeted SELinux policy, Privoxy is not allowed to write this file. Version-Release number of selected component (if applicable): selinux-policy-targeted-1.27.1-2.11 How reproducible: Always Steps to Reproduce: 1. Enable the targeted SELinux policy in enforcing mode. 2. Start the privoxy service. 3. Configure your browser to use localhost 8118 as its HTTP proxy. 4. Go to http://config.privoxy.org/edit-actions-list?f=user 5. Add some URL pattern to the first action. Actual Results: Privoxy will report that it cannot modify /etc/privoxy/user.action, and /var/log/messages contains this message: avc: denied { write } for pid=30533 comm="privoxy" name="user.action" dev=dm-0 ino=197288 scontext=root:system_r:privoxy_t tcontext=root:object_r:etc_t tclass=file Expected Results: Privoxy should be allowed to modify /etc/privoxy/user.action. Additional info: To fix this, I added this to local.fc: /etc/privoxy/user\.action -- system_u:object_r:privoxy_rc_t And this to local.te: type privoxy_rc_t, file_type; allow privoxy_t privoxy_rc_t:file { getattr read write }; This should be placed into the respective program files.
Fixed in selinux-policy-targeted- 1.27.1-2.15