zeenix / gps-share

Utility to share your GPS device on local network
GNU General Public License v2.0

Stop disabling SELinux #8

Closed da2x closed 6 years ago

da2x commented 6 years ago

Reducing system security is the wrong advice.

gps-share runs unconstrained, so you don’t need to disable SELinux for it to work. (FirewallD is another matter.)

As far as I can tell, the only SELinux policy issue is the following:

type=AVC msg=audit(1516309779.425:5202): avc:  denied  { name_connect } for  pid=27477 comm="geoclue" dest=38103 scontext=system_u:system_r:geoclue_t:s0 tcontext=system_u:object_r:ephemeral_port_t:s0 tclass=tcp_socket permissive=1

Work around it with the following policy:

allow geoclue_t ephemeral_port_t:tcp_socket name_connect;

Upstream bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1362118
https://github.com/firewalld/firewalld/pull/284
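
How the allow rule in the comment above follows from the AVC record, as an added example that is not part of the thread or of gps-share: a small Python sketch that pulls the source type, target type, class and permissions out of denial lines and emits one narrowly scoped allow rule per combination. It generalizes to several records; the second log line and the names example_t and example_file_t are constructed for illustration.

```python
import re
from collections import defaultdict

# First line: the denial quoted in the comment above.
# Second line: constructed for this example (not from the page).
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1516309779.425:5202): avc:  denied  { name_connect } for  pid=27477 comm="geoclue" dest=38103 scontext=system_u:system_r:geoclue_t:s0 tcontext=system_u:object_r:ephemeral_port_t:s0 tclass=tcp_socket permissive=1
type=AVC msg=audit(1516309780.001:5203): avc:  denied  { read write } for  pid=100 comm="example" scontext=system_u:system_r:example_t:s0 tcontext=system_u:object_r:example_file_t:s0 tclass=file permissive=0
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}.*?"
    r"scontext=(?P<scon>\S+)\s+tcontext=(?P<tcon>\S+)\s+tclass=(?P<tclass>\S+)"
)

def context_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    fields = context.split(":")
    if len(fields) < 3:
        raise ValueError(f"malformed security context: {context!r}")
    return fields[2]

def denials_to_rules(log_text, source_type=None):
    """Collapse AVC denials into allow rules, optionally for one source domain."""
    grouped = defaultdict(set)
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m:
            continue  # not an AVC denial record
        src = context_type(m["scon"])
        if source_type and src != source_type:
            continue  # only grant what was asked for, not every logged denial
        key = (src, context_type(m["tcon"]), m["tclass"])
        grouped[key].update(m["perms"].split())
    rules = []
    for (src, tgt, tclass), perms in sorted(grouped.items()):
        p = sorted(perms)
        perm_text = p[0] if len(p) == 1 else "{ " + " ".join(p) + " }"
        rules.append(f"allow {src} {tgt}:{tclass} {perm_text};")
    return rules

if __name__ == "__main__":
    for rule in denials_to_rules(SAMPLE_AUDIT_LOG, source_type="geoclue_t"):
        print(rule)
```

Restricting the output to one source domain keeps the resulting policy limited to the single permission under discussion. The permissive=1 field in the quoted record means the access was logged but not blocked when it was captured.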

hadess commented 6 years ago

Is the mention of firewalls necessary? On Fedora Workstation, the port for avahi to function properly is also poked through. It's only a problem for non-Workstation Fedoras, which would be unlikely to use the program in the first place. I'd put this information in a more generic troubleshooting section instead.

zeenix commented 6 years ago

So be it. :)