Bug 1477462 - Needed to clear execstack on libQt5WebEngineCore.so.5 for Akregator to work
Needed to clear execstack on libQt5WebEngineCore.so.5 for Akregator to work
Status: NEW
Product: Fedora
Classification: Fedora
Component: qt5 (Show other bugs)
Unspecified Linux
unspecified Severity low
: ---
: ---
Assigned To: Helio Chissini de Castro
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2017-08-02 03:44 EDT by Troels Arvin
Modified: 2017-08-02 03:44 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Troels Arvin 2017-08-02 03:44:45 EDT
Description of problem:
After upgrading from Fedora 25 to Fedora 26, akregator would no longer start:

$ akregator
akregator: error while loading shared libraries: libQt5WebEngineCore.so.5: cannot enable executable stack as shared object requires: Permission denied

Meanwhile, in /var/log/audit/audit.log:

type=AVC msg=audit(1501659590.197:793): avc:  denied  { execstack } for  pid=20267 comm="akregator" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process permissive=0

Workaround: As root, I ran 
execstack -c /usr/lib64/libQt5WebEngineCore.so.5

After that:
# execstack -q /usr/lib64/libQt5WebEngineCore.so.5
- /usr/lib64/libQt5WebEngineCore.so.5

And now, Akregator would run. But now, my qt5-qtwebengine package is no longer unmodified:
$ rpm --verify qt5-qtwebengine
SM5....T.    /usr/lib64/libQt5WebEngineCore.so.5

I don't know if this is a problem in the qt5-qtwebengine package, or if it's a problem with Akregator.

Note You need to log in before you can comment on or make changes to this bug.