Bug 149819
Summary: | Newer kernels cause init services to crash with shared library permission problems | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Gabriel Schulhof <gabrielschulhof> | ||||
Component: | kernel | Assignee: | Dave Jones <davej> | ||||
Status: | CLOSED RAWHIDE | QA Contact: | Brian Brock <bbrock> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rawhide | CC: | barryn, dwmw2, jmorris, pfrields, sdsmall, sundaram | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | powerpc | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2005-09-04 23:22:12 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 133471 | ||||||
Attachments: |
|
Description
Gabriel Schulhof
2005-02-27 22:15:56 UTC
Created attachment 111755 [details]
Change SELinux execute-related permission checking
This attachment contains a patch to change the SELinux execute-related checking
both to address the specific bug in this report (for ppc32) as well as to
address
more widely reported issues with the same checks for legacy binaries and
binaries requiring PT_GNU_STACK RWE on x86. This patch was submitted against
2.6.11-mm1
to Andrew Morton today, but I was told to also submit in bugzilla to help
ensure
that it gets into Fedora Core devel soon. The patch does have one overlap with
another patch also submitted upstream today for enhanced MLS support, so you
will likely need to hand merge the Kconfig change (or if necessary, I can try
to grab the Fedora Core devel SRPM and re-base the diff, but that is obviously
more painful for me ;).
BTW, I'd recommend changing component to kernel and changing architecture to all, as the kernel patch I just attached to the prior comment is obviously a kernel fix and addresses more than just the ppc-specific issue. And this presumably means that the bug should be assigned to davej instead of dwalsh... Well, as of kernel-2.6.11-1.1176_FC4, the problem is still present, although it doesn't complain about bringing up interface lo anymore. The patch hasn't been included in the FC devel kernel yet AFAIK. I need someone else to change component to kernel and assigned to to davej so that he will queue it up for future FC devel kernels; I can't do it myself. BTW, the patch is now included in 2.6.11-mm2. So if davej rebases to that, he'll get it automatically. the -mm kernels are too volatile to consider rebasing to. I've picked this patch up (and tweaked it slightly, it rejected in Kconfig as you mentioned above), it'll be in tomorrows rawhide, and should make it into FC4 test1 |