Description of problem: Hello. I installed a f8 rebuild of gstreamer-pitfdll from freshrpms, and I have the win32 codecs. I tried to load "totem http://195.10.10.102:80/antena3/neox.asf" and the following message appears from setroubleshoot: -setroubleshoot detailed description- The totem application attempted to change the access protection of memory on the heap (e.g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If totem does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed. Please file a bug report against this package. --- The workaround proposed is allow execheap on all the filesystem, not valid for me. So I'm reporting this bug, expecting that totem could fix it. I can play the same address with gmplayer without denials. Version-Release number of selected component (if applicable): totem-2.20.1-1.fc8 How reproducible: Always. Steps to Reproduce: 1. Run "totem http://195.10.10.102:80/antena3/neox.asf" with setroubleshoot enabled 2. A message appears. 3. The stream doesn't plays. Actual results: the stream doesn't plays. Expected results: To work like with gmplayer. Additional info: mplayer-1.0-0.88.rc2.lvn8
And without gstreamer-pitfdll installed, you don't get the problem? Check which plugin is causing the AVC messages by moving them away from /usr/lib*/gstreamer-0.10/ one by one, and running gst-inspect-0.10. Let me know which plugin is causing the messages.
Hello. Without gstreamer-pitfdll I can't play the video, but also I dont get a avc denial. $rpm -ql gstreamer-pitfdll /usr/lib/gstreamer-0.10/libpitfdll.so /usr/lib/win32 /usr/share/doc/gstreamer-pitfdll-0.9.1.1 /usr/share/doc/gstreamer-pitfdll-0.9.1.1/AUTHORS /usr/share/doc/gstreamer-pitfdll-0.9.1.1/COPYING /usr/share/doc/gstreamer-pitfdll-0.9.1.1/README /usr/share/doc/gstreamer-pitfdll-0.9.1.1/RELEASE /usr/share/doc/gstreamer-pitfdll-0.9.1.1/TODO I know it must be this new plugin, because it is the only change from one run to another /usr/lib/gstreamer-0.10/libpitfdll.so also, here is the output of gst-inspect pitfdll: $gst-inspect-0.10 pitfdll Plugin Details: Name: pitfdll Description: DLL-loader elements Filename: /usr/lib/gstreamer-0.10/libpitfdll.so Version: 0.9.1.1 License: GPL Source module: pitfdll Binary package: PitfDLL Origin URL: http://ronald.bitfreak.net/pitfdll/ qtadec_bin: quicktime binary audio decoder dmodec_wmspdmodv1: DMO wmspdmod decoder version 1 dmodec_wmadmodv3: DMO wmadmod decoder version 3 dmodec_wmadmodv2: DMO wmadmod decoder version 2 dmodec_wmadmodv1: DMO wmadmod decoder version 1 dmodec_wmvdmodv3: DMO wmvdmod decoder version 3 dmodec_wmvdmodv2: DMO wmvdmod decoder version 2 dmodec_wmvdmodv1: DMO wmvdmod decoder version 1 dmodec_wmv9dmodv3: DMO wmv9dmod decoder version 3 dshowdec_ir41_32v4: DS ir41_32 decoder version 4 dshowdec_ir50_32v5: DS ir50_32 decoder version 5 11 features: +-- 11 elements
You can report the problem upstream, at http://sourceforge.net/projects/pitfdll/ but my guess is that the Windows DLL are the ones needing the text relocations or the executable stacks. You might be able to run "restorecon -R -v /usr/lib/gstreamer-0.10" if you have selinux-policy-3.0.8-40 (see bug #355291). If that doesn't work, I'll pass it on to Dan to fix (read: work-around) in the policy).
Hello. I'm reporting this bug to pifdll. The Allowing Access (workaroung) says: If you want totem to continue, you must turn on the allow_execheap boolean. Note: This boolean will affect all applications on the system.The following command will allow this access:setsebool -P allow_execheap=1 So I understand that it is a coding error and I don't want to allow wrongly coded programs to access whatever they want to do. I think this is for what SElinux is usefull. I tried the "restorecon" and the "chcon -t textrel_shlib_t /usr/lib/codecs/*" without success. I think that if gmplayer can access it totem (pitfdll) should work too. Thank you for the help.
You need to run the chcon on the GStreamer plugin, not the binary blobs from Windows... Closing this as it's a pitfdll problem. Please bring up any other problems on the fedora user mailing-lists or the forums.