Description of problem: Copied from setroubleshoot: Target Context: system_u:system_r:unconfined_t:s0Target Objects: None [ process ]Affected RPM Packages: Policy RPM: selinux-policy-3.0.8-11.fc8Selinux Enabled: TruePolicy Type: targetedMLS Enabled: TrueEnforcing Mode: PermissivePlugin Name: plugins.allow_execmemHost Name: megadoomerPlatform: Linux megadoomer 2.6.23-0.202.rc8.fc8 #1 SMP Mon Sep 24 22:09:05 EDT 2007 i686 i686Alert Count: 6First Seen: Wed 26 Sep 2007 01:46:19 PM EDTLast Seen: Wed 26 Sep 2007 01:53:54 PM EDTLocal ID: 5b5e6c03-6b04-49bd-b9e3-43352f45a175Line Numbers: Raw Audit Messages :avc: denied { execmem } for comm=/usr/share/virt egid=0 euid=0 exe=/usr/bin/python exit=-1239875584 fsgid=0 fsuid=0 gid=0 items=0 pid=4795 scontext=system_u:system_r:unconfined_t:s0 sgid=0 subj=system_u:system_r:unconfined_t:s0 suid=0 tclass=process tcontext=system_u:system_r:unconfined_t:s0 tty=(none) uid=0 Version-Release number of selected component (if applicable): virt-manager-0.5.0-1.fc8 selinux-policy-targeted-3.0.8-11.fc8
virt manager should not require execmem.
I was not aware that we did require execmem. Its certainly not something we knowingly introduced. Please capture a core file, install all the -debuginfo packages for python, virt-manager, gtk-vnc, gtk, glib, glibc and extract a stack trace from the place where it crashes.
Ok, ignore my previous request for core dump/trace - I've managed to reproduce it. The flaw is in the GTK-VNC widget, which mmaps a chunk of memory with PROT_READ|PROT_WRITE|PROT_EXEC to use for the stack in swapcontext() / makecontext() calls. Totally bogus to have PROT_EXEC there. #0 0x00002aaaad5dc49c in swapcontext () from /lib64/libc.so.6 #1 0x00002aaaaaccbf6c in cc_swap (from=0x2aaaaaed9cb0, to=0x646bc0) at continuation.c:46 #2 0x00002aaaaaccc120 in coroutine_swap (from=0x2aaaaaed9c80, to=0x646b90, arg=0x2aaaaaed9df8) at coroutine.c:81 #3 0x00002aaaaacd3da8 in do_vnc_display_open (data=<value optimized out>) at vncdisplay.c:731 #4 0x00002aaaacb68ee3 in IA__g_main_context_dispatch (context=0x631670) at gmain.c:2061 #5 0x00002aaaacb6c1dd in g_main_context_iterate (context=0x631670, block=1, dispatch=1, self=<value optimized out>) at gmain.c:2694 #6 0x00002aaaacb6c4ea in IA__g_main_loop_run (loop=0x6887e0) at gmain.c:2898 #7 0x00002aaaab035f63 in IA__gtk_main () at gtkmain.c:1144 #8 0x0000000000403950 in ?? () #9 0x00002aaaad5baff4 in __libc_start_main (main=0x4031b0, argc=2, ubp_av=0x7fff68bd7618, init=<value optimized out>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fff68bd7608) at libc-start.c:220 #10 0x0000000000402b29 in ?? () #11 0x00007fff68bd7608 in ?? () #12 0x0000000000000000 in ?? ()
Created attachment 207411 [details] Fix mmap flags to avoid execmem errors.
Built into rawhide. * Wed Sep 26 2007 Daniel P. Berrange <berrange> - 0.2.0-2.fc8 - Remove use of PROT_EXEC for coroutine stack (rhbz #307531 )
Thanks for the quick fix!
*** Bug 307481 has been marked as a duplicate of this bug. ***
*** Bug 277471 has been marked as a duplicate of this bug. ***
*** Bug 277831 has been marked as a duplicate of this bug. ***