Bug 187220
Summary: | Can't use Livna bmp-mp3 package in selinux enforcing mode | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | idak <shinkoi2005> |
Component: | selinux-policy-targeted | Assignee: | Daniel Walsh <dwalsh> |
Status: | CLOSED RAWHIDE | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 5 | CC: | drepper, dwalsh, fedora, nsoranzo |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-05-05 15:01:58 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
idak
2006-03-29 11:02:02 UTC
Livna tracks this problem as Bug 826 ( http://bugzilla.livna.org/show_bug.cgi?id=826 ) I was told that the freshrpms plugin packages has the same problem If we can do anything in the rpm to fix this please tell us. But I suppose we need /usr/lib(64)?/bmp/Input/libmpg123\.so -- system_u:object_r:textre l_shlib_t:s0 in the policy file. The actual denied message looks like this: kernel: audit(1143132699.632:43): avc: denied { execmod } for pid=23814 comm="beep-media-play" name="libmpg123.so" dev=hda6 ino=495848 scontext=user_u:system_r:unconfined_t:s0 tcontext=system_u:object_r:lib_t:s0 tclass=file Please read the following http://people.redhat.com/drepper/selinux-mem.html We can add that policy rule but it would be better to fix the library to not need these priv BTW This policy change is in selinux-policy-2.2.29-2.fc5 Closing as these have been marked as modified, for a while. Feel free to reopen if not fixed |