~$ skype skype: error while loading shared libraries: cannot restore segment prot after reloc: Permission denied type=AVC msg=audit(1370887287.866:1468): avc: denied { execmod } for pid=9842 comm="skype" path="/opt/bin/skype" dev="dm-2" ino=15 scontext=staff_u:staff_r:skype_t tcontext=staff_u:object_r:skype_exec_t tclass=file -- added "allow skype_t skype_exec_t:file execmod;" ~$ skype (... lots of denials on search cert_t ...) (... then, upon closing the welcome screen ...) shm_open() failed: Function not implemented Failed to create secure directory: Permission denied shm_open() failed: Function not implemented Failed to create secure directory: Permission denied type=AVC msg=audit(1370887345.319:1843): avc: denied { search } for pid=9890 comm="skype" name=".pulse" dev="dm-0" ino=1082527 scontext=staff_u:staff_r:skype_t tcontext=staff_u:object_r:user_home_t tclass=dir type=AVC msg=audit(1370887345.322:1844): avc: denied { getattr } for pid=9890 comm="skype" path="/home/swift/.pulse" dev="dm-0" ino=1082527 scontext=staff_u:staff_r:skype_t tcontext=staff_u:object_r:user_home_t tclass=dir type=AVC msg=audit(1370887345.322:1845): avc: denied { read } for pid=9890 comm="skype" name=".pulse" dev="dm-0" ino=1082527 scontext=staff_u:staff_r:skype_t tcontext=staff_u:object_r:user_home_t tclass=dir type=AVC msg=audit(1370887345.322:1846): avc: denied { rmdir } for pid=9890 comm="skype" name=".pulse" dev="dm-0" ino=1082527 scontext=staff_u:staff_r:skype_t tcontext=staff_u:object_r:user_home_t tclass=dir -- fixed denials on cert through miscfiles_read_generic_certs(skype_t), ignoring pulse for now Seems like skype now works again (still a few denials, but working for me). Reproducible: Always
In repo
In repo, ~arch (rev 2 of the policies)
r2 is now stable