Bug 376401
| Summary: | SELinux is preventing totem from changing the access protection of memory on the heap. | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Juan Manuel Borges Caño <juanmabc3> |
| Component: | totem | Assignee: | Bastien Nocera <bnocera> |
| Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 8 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2008-01-17 17:06:41 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Juan Manuel Borges Caño
2007-11-11 19:40:02 UTC
And without gstreamer-pitfdll installed, you don't get the problem? Check which plugin is causing the AVC messages by moving them away from /usr/lib*/gstreamer-0.10/ one by one, and running gst-inspect-0.10. Let me know which plugin is causing the messages. Hello. Without gstreamer-pitfdll I can't play the video, but also I dont get a avc denial. $rpm -ql gstreamer-pitfdll /usr/lib/gstreamer-0.10/libpitfdll.so /usr/lib/win32 /usr/share/doc/gstreamer-pitfdll-0.9.1.1 /usr/share/doc/gstreamer-pitfdll-0.9.1.1/AUTHORS /usr/share/doc/gstreamer-pitfdll-0.9.1.1/COPYING /usr/share/doc/gstreamer-pitfdll-0.9.1.1/README /usr/share/doc/gstreamer-pitfdll-0.9.1.1/RELEASE /usr/share/doc/gstreamer-pitfdll-0.9.1.1/TODO I know it must be this new plugin, because it is the only change from one run to another /usr/lib/gstreamer-0.10/libpitfdll.so also, here is the output of gst-inspect pitfdll: $gst-inspect-0.10 pitfdll Plugin Details: Name: pitfdll Description: DLL-loader elements Filename: /usr/lib/gstreamer-0.10/libpitfdll.so Version: 0.9.1.1 License: GPL Source module: pitfdll Binary package: PitfDLL Origin URL: http://ronald.bitfreak.net/pitfdll/ qtadec_bin: quicktime binary audio decoder dmodec_wmspdmodv1: DMO wmspdmod decoder version 1 dmodec_wmadmodv3: DMO wmadmod decoder version 3 dmodec_wmadmodv2: DMO wmadmod decoder version 2 dmodec_wmadmodv1: DMO wmadmod decoder version 1 dmodec_wmvdmodv3: DMO wmvdmod decoder version 3 dmodec_wmvdmodv2: DMO wmvdmod decoder version 2 dmodec_wmvdmodv1: DMO wmvdmod decoder version 1 dmodec_wmv9dmodv3: DMO wmv9dmod decoder version 3 dshowdec_ir41_32v4: DS ir41_32 decoder version 4 dshowdec_ir50_32v5: DS ir50_32 decoder version 5 11 features: +-- 11 elements You can report the problem upstream, at http://sourceforge.net/projects/pitfdll/ but my guess is that the Windows DLL are the ones needing the text relocations or the executable stacks. You might be able to run "restorecon -R -v /usr/lib/gstreamer-0.10" if you have selinux-policy-3.0.8-40 (see bug #355291). If that doesn't work, I'll pass it on to Dan to fix (read: work-around) in the policy). Hello. I'm reporting this bug to pifdll. The Allowing Access (workaroung) says: If you want totem to continue, you must turn on the allow_execheap boolean. Note: This boolean will affect all applications on the system.The following command will allow this access:setsebool -P allow_execheap=1 So I understand that it is a coding error and I don't want to allow wrongly coded programs to access whatever they want to do. I think this is for what SElinux is usefull. I tried the "restorecon" and the "chcon -t textrel_shlib_t /usr/lib/codecs/*" without success. I think that if gmplayer can access it totem (pitfdll) should work too. Thank you for the help. You need to run the chcon on the GStreamer plugin, not the binary blobs from Windows... Closing this as it's a pitfdll problem. Please bring up any other problems on the fedora user mailing-lists or the forums. |