Re: F14, google-chrome won't launch after yum update [SOLVED]
by Jackson Byers
Daniel J Walsh replied
>My goal is not to get into the blame game, but google-chrome requires
>some strange access that I have never seen an app need before.
>Basically an application chrome-sandbox needing to load the the
>executable (not shared library) chrome which was not compiled with
>PIC. The latest chrome browser from beta release requires mmap_zero,
>which is a very dangerous access that we will not give.
>If you do not want SELinux controlling chrome-sandbox you can turn off
>the boolean unconfined_chrome_sandbox_transition
>setsebool -P unconfined_chrome_sandbox_transition 0
-
[root@f14 ~]# setsebool -P unconfined_chrome_sandbox_transition 0
libsemanage.dbase_llist_set: record not found in the database (No such
file or directory).
libsemanage.dbase_llist_set: could not set record value (No such file
or directory).
Could not change boolean unconfined_chrome_sandbox_transition
Could not change policy booleans
so that failed; all greek to me.
>> http://fedoraproject.org/wiki/Chromium
>The link above has a version of chrome, specially built for Fedora
>which should work fine with SELinux.
Daniel, I will keep this as a fallback solution
-------
Lancebaynes87 replied
>give this out with root:
>semanage fcontext -a -s system_u -t usr_t /opt/google/chrome/chrome-sandbox
>restorecon -v /opt/google/chrome/chrome-sandbox
[root@f14 ~]# restorecon -v /opt/google/chrome/chrome-sandbox
restorecon reset /opt/google/chrome/chrome-sandbox context
system_u:object_r:chrome_sandbox_exec_t:s0->system_u:object_r:usr_t:s0
Now, chrome comes up!
Thanks to Daniel for the explanation, even tho my understanding is weak-to-nil.
Thanks to Lance for the fix!
Jack
12 years, 6 months
Re: F14, google-chrome won't launch after yum update
by Jackson Byers
mike cloaked responded:
>The last update to chrome in f14 gave avc denials and in order to get
>chrome to run after that it was necessary to run the following
>commands (as root) before chrome would run again:
>semanage fcontext -a -t textrel_shlib_t '/opt/google/chrome/chrome'
>restorecon -v '/opt/google/chrome/chrome'
mike, what worked for me, as I have already posted,
was the 2 commands (from Lancebaynes87):
>give this out with root:
>semanage fcontext -a -s system_u -t usr_t /opt/google/chrome/chrome-sandbox
>restorecon -v /opt/google/chrome/chrome-sandbox
that semanage command is different from yours(mike cloaked).
Furthermore, that is all I needed to be able to run chrome again,
unlike your experience needing another pair of commands
>grep chrome-sandbox /var/log/audit/audit.log | audit2allow -M mypol
>semodule -i mypol.pp
My SELinux chops are pretty weak, almost nonexistent.
But I would be interested in your comments re the differences.
Jack
12 years, 6 months
Gnome is not prompting for wireless passwords
by Sam Varshavchik
When you select a previously unknown wireless access point, where does the
dialog that prompts for the access point password come from?
I was screwing around with stuff in /etc/sysconfig. I nuked the ifcfg-* and
keys-* file for my wireless AP. Previously, when I did that, all I had to do
was attempt to connect to my wireless AP, I get prompted for my AP's
password, and I'm back in business.
Not sure exactly what I did, but I'm no longer being prompted for the WPA
keys. By peeking at another laptop, I was able to recreate my ifcfg-*, and
put my key into the keys-* file, and Gnome is now able to automatically
connect to my wireless, but if I go and select some other AP within range,
Gnome is still not prompting for the WPA key, and I want to fix that.
12 years, 6 months
Reference Documents
by Mark LaPierre
Hey guys,
Can anyone help me find a good reference on SEL? I would like to learn
everything there is to know about the subject.
I could also use a good reference on video acceleration.
--
°v°
/(_)\
^ ^ Mark LaPierre
Registerd Linux user No #267004
www.counter.li.org
****
In a free world without fences, who needs gates.
**
Help Microsoft stamp out piracy - give Linux to a friend today.
**
To mess up a Linux box, you need to work at it.
To mess up an MS Windows box, you just need to *look* at it.
**
learn linux:
'Rute User's Tutorial and Exposition' http://rute.2038bug.com/index.html
'The Linux Documentation Project' http://www.tldp.org/
'LDP HOWTO-index' http://www.tldp.org/HOWTO/HOWTO-INDEX/index.html
'HowtoForge' http://howtoforge.com/
****
--
Signature shamelessly copied from:
Jatin Khatri & geleem
12 years, 6 months
Looking for Live-multi.iso generation script
by Robert G. (Doc) Savage
At about this time last year an enterprising group released the
Fedora-14-Live-multi.iso. With a little tweaking I was able to install
this 5.2GB iso image onto a bootable 8GB thumb drive. That and a Helix3
forensic thumb drive were "must haves" in my toolkit.
The Live-multi effort seems to have gone silent. There was no Fedora 15
edition. Has their generation script been published anywhere so I can
roll my own Fedora-16-Live-multi.iso image?
--Doc Savage
Fairview Heights, IL
12 years, 6 months
Fedora / Solaris ACL Bug
by Thomas Dineen
Gentle People:
I just finished building a Fedora 14 Intel machine that I want to
use as a file server with the client being a Solaris 10 Intel
machine.
When I try to access the Fedora server's exported file systems
from Solaris I get the following error:
"ls: can't read ACL on /net/Dineen-Linux2/home/tdineen: Permission denied"
Please note that the userid and groupid have been aligned on both
machines
to 1001 and 10, and directory permissions are quite open in the Fedora
server.
The Fedora server otherwise works just fine.
It appears that there is some sort of incompatibility between the
file systems?
NFS version???
A number of experiments have all yielded various errors all
including "ACL"
Experiments with /etc/exports using Sun5(rw) and Sun5(rw,no_acl)
have not fixed
the problem.
I am willing to perform more experiments and / or post more
information as needed.
So whats the story here and how do I fix it?
Thomas Dineen
12 years, 6 months
Frostwire execution problem
by Mickey
F15
I installed frostwire and executed same and got error, can someone tell
what this error message means.
$ frostwire
HOSTNAME IS BigOne
Starting FrostWire...
Java exec found in PATH. Verifying...
Suitable java version found [java = 1.6.0_27]
Configuring environment...
Loading FrostWire:
ls: cannot access lw*jar: No such file or directory
ls: cannot access *jar: No such file or directory
CLASSPATH SET TO: .
Exception in thread "main" java.lang.NoClassDefFoundError:
com/limegroup/gnutella/gui/Main
Caused by: java.lang.ClassNotFoundException: com.limegroup.gnutella.gui.Main
at java.net.URLClassLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.misc.Launcher$AppClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
Could not find the main class: com.limegroup.gnutella.gui.Main. Program
will exit.
******************************************************************
Something went wrong with FrostWire.
Maybe you're using the wrong version of Java?
(FrostWire is tested against and works best with with Sun's JRE, Java 1.4+)
The version of Java in your PATH is:
java version "1.6.0_27"
Java(TM) SE Runtime Environment (build 1.6.0_27-b07)
Java HotSpot(TM) Server VM (build 20.2-b06, mixed mode)
12 years, 6 months
selinux is a pain
by Martín Marqués
I reinstalled (better hardware) a server and had selinux enabled (was
disabled before), and I starting to see why so many people don't use
selinux.
My question is, how many people are using selinux?
I, for instance, am about to disable it.
--
Martín Marqués
select 'martin.marques' || '@' || 'gmail.com'
DBA, Programador, Administrador
12 years, 6 months
how to disable package installation prompt at command mode
by Benjamin
Hi All,
I am using fedora 15 32 bit on my laptop.I want to disable command line
package installation option.
Suppose i type system-config-keyboard command on console but that
command is not available in os then i m getting installation message on
command line so i want to disable it.
system-config-keyboard
bash: system-config-keyboard: command not found...
Install package 'system-config-keyboard' to provide command
'system-config-keyboard'? [N/y]
How to disable it?
Thanks,
Benjamin
12 years, 6 months
