1

Scientific Linux 6.3 run evince in SELinux sandbox

view story
linux-howto

http://unix.stackexchange.com – I'm trying to run evince in the SELinux sandbox: sandbox -X /usr/bin/evince Unixforpoets.pdf but after waiting for minutes nothing happens, console doesn't outputs anything. So I collected the logs (/var/log/messages): Sep 30 12:32:14 HOSTNAME kernel: type=1400 audit(1349001134.585:23466): avc: denied { name_bind } for pid=22229 comm="Xephyr" src=6081 scontext=unconfined_u:unconfined_r:sandbox_xserver_t:s0:c310,c1018 tcontext=system_u:object_r:varnishd_port_t:s0 tclass=tcp_socket packages installed: rpm -qa | egrep -i "policycoreutils-python|policycoreutils-sandbox|Xephyr|selinux" (HowTos)