Bug 502344 - SELinux blocks emacs
Summary: SELinux blocks emacs
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 11
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-05-24 11:08 UTC by John J. McDonough
Modified: 2009-11-18 13:09 UTC (History)
6 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2009-11-18 13:09:44 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description John J. McDonough 2009-05-24 11:08:31 UTC
Description of problem:
SELinux blocks emace

Version-Release number of selected component (if applicable):
F11 preview, emacs 22.3

How reproducible:
reproduceable

Steps to Reproduce:
1. Set EDITOR, VISUAL to emacs
2. Open terminal
3. crontab -e
  
Actual results:

Display :0.0 unavailable, simulating -nw

[1]+  Stopped                 crontab -e

SELinux is preventing emacs (admin_crontab_t) "connectto" xserver_t. 
SELinux is preventing emacs (admin_crontab_t) "setpgid" admin_crontab_t. 
SELinux is preventing gnome-terminal (admin_crontab_t) "signal" unconfined_t. 


Expected results:
Open emacs showing crontab

Additional info:

Comment 1 Daniel Novotny 2009-05-25 08:15:14 UTC
since "crontab -e" invokes user-defined editor (EDITOR, VISUAL) and this editor can use X, admin_crontab_t policy should be probably modified to allow this...

or is it possible to run the editor in unconfined_t?

reassigning to selinux-policy, reassign back to me if you think this is a bug in emacs (or to cronie if you think cron owner can fix this)

Comment 2 Daniel Walsh 2009-05-26 12:41:35 UTC
Fixed in selinux-policy-3.6.12-42.fc11.noarch

I will run it in unoconfined.

Comment 3 Bug Zapper 2009-06-09 16:28:32 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 11 development cycle.
Changing version to '11'.

More information and reason for this action is here:
http://fedoraproject.org/wiki/BugZappers/HouseKeeping


Note You need to log in before you can comment on or make changes to this bug.