Bug 379621

Summary: Can't Start VirtualBox - SELinux is preventing VirtualBox from loading /usr/lib/VBoxVMM.so which requires text relocation.
Product: [Fedora] Fedora Reporter: Robert E. Lee <robert>
Component: selinux-policy-targetedAssignee: Daniel Walsh <dwalsh>
Status: CLOSED NOTABUG QA Contact: Ben Levenson <benl>
Severity: medium Docs Contact:
Priority: low    
Version: 8   
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-14 08:54:41 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Robert E. Lee 2007-11-13 09:47:50 UTC 
Description of problem:
    The VirtualBox application attempted to load /usr/lib/VBoxVMM.so which
    requires text relocation.


Version-Release number of selected component (if applicable):
Affected RPM Packages         VirtualBox-1.5.2_25433_fedora7-1 [target]


How reproducible:
Attempt to start VirtualBox

  
Actual results:
/usr/lib/virtualbox/VirtualBox: error while loading shared libraries:
/usr/lib/VBoxVMM.so: cannot restore segment prot after reloc: Permission denied

Expected results:
VirtualBox starting.

Additional info:
This worked in FC7.
Comment 1 Daniel Walsh 2007-11-13 19:41:04 UTC 
Does 

chcon -t textrel_shlib_t /usr/lib/VBoxVMM.so

Fix the problem?

Thi sis a bug in the way the library was built.  You should report this as a bug
to the maintainers/distributes of VirtualBox.

I will default the file type to 
textrel_shlib_t in selinux-policy-3.0.8-54.fc8
Comment 2 Robert E. Lee 2007-11-14 08:54:41 UTC 
Sorry.  This likely only became a problem because I upgraded from FC7->FC8 and
then relabeled the fs.

After changing the context to system_u:object_r:textrel_shlib_t for the
following files, VirtualBox functioned properly again.

/usr/lib:
VBoxDD2.so  VBoxKeyboard.so  VBoxSharedClipboard.so  VBoxVRDP.so
VBoxDD.so   VBoxREM.so       VBoxSharedFolders.so    VBoxXML.so
VBoxDDU.so  VBoxRT.so        VBoxVMM.so              VBoxXPCOM.so

/usr/lib/virtualbox/components:
VBoxC.so  VBoxSVCM.so  VBoxXPCOMIPCC.so
Comment 3 Daniel Walsh 2007-11-14 15:16:20 UTC 
No this is a problem.  I added this mapping to selinux-policy-3.0.8-54.fc8

But you should report it to VirtualBox.  They are building their libraries
incorrectly.

http://people.redhat.com/~drepper/selinux-mem.html