Created attachment 322955 [details] AVC generated in the audit log Description of problem: When I open a url I received in an email from within alpine I get an AVC messages about a file in my homedir being mislabeled. I ran resrorecon on my home dir as suggested in setroubleshoot but I still get the AVC. When I do the above the URL does open in firefox as expected. Version-Release number of selected component (if applicable): (tigger pts2) $ rpm -qa | grep -i selinux libselinux-2.0.73-1.fc10.x86_64 libselinux-utils-2.0.73-1.fc10.x86_64 selinux-policy-3.5.13-11.fc10.noarch selinux-policy-targeted-3.5.13-11.fc10.noarch libselinux-python-2.0.73-1.fc10.x86_64 (tigger pts2) $ rpm -qa | grep -i alpine alpine-2.00-1.fc10.x86_64 (tigger pts2) $ rpm -qa | grep -i firefox firefox-3.0.2-1.fc10.x86_64 (tigger pts2) $ How reproducible: Every time Steps to Reproduce: 1. Click on a URL in an email from within alpine. 2. 3. Actual results: AVC generated Expected results: No AVC Additional info: In addition I ran setenforce 0 ; restorecon -v -R / ; setenforce 1 to be sure this was not mislabeled files.
I can allow nsplugin_config to read user content. Fixed in selinux-policy-3.5.13-19.fc10 But the named_conf_t seems to be a mislabeled file. Did you relabel a directory named_conf_t. It does not make sense that nsplugin would be looking in a directory labeled named_conf_t?
Thanks for the updated policy. To answer your question, No I did not relabel any directories. I ran restorecon -vR / prior to the last policy update. I just rebooted the machine and set it to automatically relabel the machine. I will see if that fixes the problem.
This bug appears to have been reported against 'rawhide' during the Fedora 10 development cycle. Changing version to '10'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping