On 07/24/2017 08:09 AM, Bob Goodwin wrote: > On 07/23/17 18:39, Ed Greshko wrote: >> And the answer is quite simple. Just run the following command as root.... >> >> setsebool -P unconfined_mozilla_plugin_transition 0 > > + > > I am curious to know how you arrived at that. Is it something I should have > been > able to do, something I might be able to apply in another problem? > First, I hardly ever use firefox. I have it set up to use a network proxy for a specific use case that I occasionally need. With that in mind.
My "thought" process and diagnosis when about like this.... 1. I went to the page you posted and tried to print a puzzle and verified I see the same as you do. 2. I noticed that the popup for printing is referencing "plugin-container" 3. Did some googling, not much actually, and nothing popped out at me. 4. Recalled in the back of my head seeing a selinux error in the past running FF. 5. So, I tried "setenforce 0" and then run FF and try printing again....and it worked. 6. Restored "setenforce1" and ran "semodule -BD" to turn on auditing so the AVC is generated and logged. Got the sealert popup and found the AVC for plugin-container and followed the suggestion which was.... If you want to use the plugin package Then you must turn off SELinux controls on the Firefox plugins. Do # setsebool -P unconfined_mozilla_plugin_transition 0 7. Ran "semodule -B" to restore donot-audit. Maybe in summary it is wise to remember that selinux has a lot of 'donot audit" in its policies turned on by default. So, you can get selinux errors without getting notified. So, at times, if something doesn't work but no error messages are to be found then one possible reason is selinux and trying "setenforce 0" on a temporary basis is a troubleshooting option. -- Fedora Users List - The place to go to speculate endlessly
signature.asc
Description: OpenPGP digital signature
_______________________________________________ users mailing list -- [email protected] To unsubscribe send an email to [email protected]
