-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On 06/06/2011 09:23 PM, Christoph A. wrote:
On 06/04/2011 03:10 AM, Christoph A. wrote:
"Could not start the gpg-agent program which is needed for you GnuPG version denied."
starting thunderbird with gpg-agent like this: sandbox -X -t sandbox_net_t -H tb gpg-agent --daemon thunderbird
seams to solve the first error.
Next error: Error - encryption command failed /usr/bin/gpg --charset utf8 .... --list-secret-keys gpg: fatal: can't disable core dumps: Permission denied secmem usage: 0/0 bytes in 0/0 blocks of pool 0/0
getsebool -a|grep -i dump allow_daemons_dump_core --> on
So gpg is not allowed to disable coredumps. Is this a policy bug? (no AVCs) How can I allow gpg to disable core dumps?
something similar to [1] is probably needed for sandbox_net_t too.
allow sandbox_net_t self:process setrlimit; correct?
[1] https://bugzilla.redhat.com/show_bug.cgi?id=610812