Bug 161920 - After selinux-policy-targeted 1.17.30-3.13 installs, X fails with NVIDIA drivers
After selinux-policy-targeted 1.17.30-3.13 installs, X fails with NVIDIA drivers
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
3
i386 Linux
medium Severity high
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-06-28 10:18 EDT by Greg Swallow
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.17.30-3.16
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-08-19 05:53:22 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Greg Swallow 2005-06-28 10:18:14 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.7.7) Gecko/20050414 Firefox/1.0.3

Description of problem:
Hi,

Here's what happened in our yum.log:

Jun 24 05:36:55 Installed: kernel.i686 2.6.11-1.35_FC3
Jun 25 04:46:50 Updated: HelixPlayer.i386 1:1.0.5-0.fc3.2
Jun 27 08:15:12 Updated: selinux-policy-targeted.noarch 1.17.30-3.13

Then, the NVIDIA drivers broke.  When I tried to start X it failed:

Jun 27 09:57:08 otto kernel: audit(1119884228.752:0): avc:  denied  { execmod } for  pid=4491 comm=X path=/usr/lib/tls/libnvidia-tls.so.1.0.7174 dev=hda2 ino=642018 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:shlib_t tclass=file
Jun 27 09:57:08 otto fstab-sync[4633]: added mount point /media/floppy for /dev/fd0
Jun 27 09:57:09 otto kernel: audit(1119884229.269:0): avc:  denied  { execmod } for  pid=4491 comm=X path=/usr/X11R6/lib/modules/drivers/nvidia_drv.so dev=hda2 ino=898067 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:shlib_t tclass=file
Jun 27 09:57:10 otto gdm[4476]: gdm_slave_xioerror_handler: Fatal X error - Restarting :0
Jun 27 09:57:14 otto kernel: audit(1119884234.127:0): avc:  denied  { execmod } for  pid=4670 comm=X path=/usr/lib/tls/libnvidia-tls.so.1.0.7174 dev=hda2 ino=642018 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:shlib_t tclass=file
Jun 27 09:57:14 otto kernel: audit(1119884234.168:0): avc:  denied  { execmod } for  pid=4670 comm=X path=/usr/X11R6/lib/modules/drivers/nvidia_drv.so dev=hda2 ino=898067 scontext=user_u:system_r:unconfined_t tcontext=system_u:object_r:shlib_t tclass=file

Disabling selinux in grub.conf fixes the issue.  Additionally, trying to reinstall the NVIDIA drivers (in case it were a kernel/driver mismatch) failed, too:

Jun 28 08:25:42 otto kernel: audit(1119965142.703:0): avc:  denied  { execmod } for  pid=6959 comm=nv-tmp-ymFwAI path=/tmp/nv-tmp-6qnCcG dev=hda2 ino=457526 scontext=root:system_r:unconfined_t tcontext=root:object_r:tmp_t tclass=file


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.17.30-3.13 kernel-2.6.11-1.35_FC3 NVIDIA-Linux-x86-1.0-7667

How reproducible:
Always

Steps to Reproduce:
1. Enable selinux
2. Try to start X with nvidia drivers installed
3.
  

Actual Results:  X wouldn't start.

Expected Results:  X should start.

Additional info:
Comment 1 Daniel Walsh 2005-07-03 11:20:49 EDT
Fixed in selinux-policy-targeted-1.17.30-3.16
Comment 2 Walter Justen 2005-08-19 05:53:22 EDT
update package is published

Note You need to log in before you can comment on or make changes to this bug.