java插件导入到firefox后被SElinux阻止,如何解决?
昨天下了到java官网下了最新版的jdk1.6.0_14,然后按照安装指南将java插件导入到firefox,重启firefox后,setroubleshoot浏览器跳出来这样的阻止信息如下:
概述:
SELinux is preventing plugin-config (nsplugin_config_t) "search" to
./jdk1.6.0_14 (fusefs_t).
详细描述:
SELinux denied access requested by plugin-config. It is not expected that this
access is required by plugin-config and this access may signal an intrusion
attempt. It is also possible that the specific version or configuration of the
application is causing it to require additional access.
允许访问:
Sometimes labeling problems can cause SELinux denials. You could try to restore
the default system file context for ./jdk1.6.0_14,
restorecon -v './jdk1.6.0_14'
If this does not work, there is currently no automatic way to allow this access.
Instead, you can generate a local policy module to allow this access - see FAQ
(http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable
SELinux protection altogether. Disabling SELinux protection is not recommended.
Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi)
against this package.
附加信息:
源上下文 unconfined_u:unconfined_r:nsplugin_config_t:s0
目标上下文 system_u:object_r:fusefs_t:s0
目标对象 ./jdk1.6.0_14 [ dir ]
源 plugin-config
源路径 /usr/lib/nspluginwrapper/plugin-config
端口 <未知>
主机 Bill.Chuang
源 RPM 软件包 nspluginwrapper-1.1.2-4.fc10
目标 RPM 软件包
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 catchall_file
主机名 Bill.Chuang
平台 Linux Bill.Chuang 2.6.27.25-170.2.72.fc10.i686 #1
SMP Sun Jun 21 19:03:24 EDT 2009 i686 i686
警报计数 28
第一个 2009年07月12日 星期日 09时04分20秒
最后一个 2009年07月13日 星期一 13时47分34秒
本地 ID 4dc6b17a-8d48-454b-af2a-40eb9199101e
行号
原始核查信息
node=Bill.Chuang type=AVC msg=audit(1247464054.234:15): avc: denied { search } for pid=3461 comm="plugin-config" name="jdk1.6.0_14" dev=sda6 ino=182300 scontext=unconfined_u:unconfined_r:nsplugin_config_t:s0 tcontext=system_u:object_r:fusefs_t:s0 tclass=dir
node=Bill.Chuang type=SYSCALL msg=audit(1247464054.234:15): arch=40000003 syscall=33 success=no exit=-13 a0=8055f40 a1=4 a2=8055f40 a3=bfbcff08 items=0 ppid=3459 pid=3461 auid=500 uid=500 gid=500 euid=0 suid=0 fsuid=0 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="plugin-config" exe="/usr/lib/nspluginwrapper/plugin-config" subj=unconfined_u:unconfined_r:nsplugin_config_t:s0 key=(null)
这样的话,每次打开firefox都会跳出来,比较郁闷,所以请教哪位高手可以解决下,在此谢过!