Daniel J Walsh replied > My goal is not to get into the blame game, but google-chrome > requires some strange access that I have never seen an app need > before. Basically an application chrome-sandbox needing to load > the the executable (not shared library) chrome which was not > compiled with PIC. The latest chrome browser from beta release > requires mmap_zero, which is a very dangerous access that we will > not give. > If you do not want SELinux controlling chrome-sandbox you can > turn off the boolean unconfined_chrome_sandbox_transition > setsebool -P unconfined_chrome_sandbox_transition 0 - [root@f14 ~]# setsebool -P unconfined_chrome_sandbox_transition 0 libsemanage.dbase_llist_set: record not found in the database (No such file or directory). libsemanage.dbase_llist_set: could not set record value (No such file or directory). Could not change boolean unconfined_chrome_sandbox_transition Could not change policy booleans so that failed; all greek to me. >> http://fedoraproject.org/wiki/Chromium > The link above has a version of chrome, specially built for > Fedora which should work fine with SELinux. Daniel, I will keep this as a fallback solution ------- Lancebaynes87 replied > give this out with root: semanage fcontext -a -s system_u -t > usr_t /opt/google/chrome/chrome-sandbox restorecon -v > /opt/google/chrome/chrome-sandbox [root@f14 ~]# restorecon -v /opt/google/chrome/chrome-sandbox restorecon reset /opt/google/chrome/chrome-sandbox context system_u:object_r:chrome_sandbox_exec_t:s0->system_u:object_r:usr_t:s0 Now, chrome comes up! Thanks to Daniel for the explanation, even tho my understanding is weak-to-nil. Thanks to Lance for the fix! Jack

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6JujkACgkQrlYvE4MpobMV/gCfQ4v96aA5HjGm5agak0mA2W++ fOgAn02JoLeXBOP88db8+LLIj0bG4Ypb =Ehm1 -----END PGP SIGNATURE-----