What is the right way to launch firefox from an unconfined user using runcon
?
I tried runcon -u staff_u -r staff_r -t mozilla_t /usr/lib64/firefox/firefox
, but I get transition denial with default policy or even after writing my own selinux module to allow transition.
It seems that the policy is there by default and it should be a straightforward runcon
something to launch firefox in its proper SELinux context. Please help.