Description of problem: metacity does not load. error message indicates a selinux problem. Version-Release number of selected component (if applicable): libselinux 1.30.15-5 selinux-policy 2.3.1-1 metacity 2.15.5-6 How reproducible: Always Steps to Reproduce: 1. update FC6 test 1 to July 6 updates 2. reboot 3. check for running metacity process or look in log for error messages Actual results: metacity does not load causing window display problems Expected results: Typical gnome windows Additional info: The following is written to /var/log/messages: Localhost kernel: audit(1152216505.513:285): avc: denied {execmem } for pid=2408 com="metacity" scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=process
Why does metacity need execmem privs? This is a potential security problem, and we are trying to eliminate this wherever possible. http://people.redhat.com/~drepper/selinux-mem.html
*** Bug 198068 has been marked as a duplicate of this bug. ***
*** Bug 198710 has been marked as a duplicate of this bug. ***
*** Bug 198268 has been marked as a duplicate of this bug. ***
Created attachment 132345 [details] metacity strace
Do we have an update on this being fixed? Or should I change the executable to allow execmem for the time being? Currently people are setting allow_execmem to get this to work.