Red Hat Bugzilla – Bug 467034
SELinux is preventing compiz from changing a writable memory segment executable.
Last modified: 2008-10-16 03:12:33 EDT
Description of problem:
The compiz application attempted to change the access protection of memory (e.g., allocated using malloc). This is a potential security problem. Applications should not be doing this. Applications are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests web page explains how to remove this requirement. If compiz does not work and you need it to work, you can configure SELinux temporarily to allow this access until the application is fixed.
Version-Release number of selected component (if applicable):
Name : compiz
Arch : x86_64
Version : 0.7.6
Release : 11.fc10
SELinux configured like this:
System Default Enforcing Mode = Enforcing
Current Enforcing Mode = Enforcing
System Default Policy Type = Targeted
Steps to Reproduce:
1. Enable SELinux as it's shown above
2. Login into the Gnome desktop
3. Run Compiz
Compiz did not start and SELinux TroubleShooter shows this message: SELinux is preventing compiz from changing a writable memory segment executable.
Compiz starts correctly.
Now I'm using this workaround:
chcon -t unconfined_execmem_exec_t '/usr/bin/compiz'
There is the same problem as in https://bugzilla.redhat.com/show_bug.cgi?id=467033
So I'm changing status on CAN'T FIX ... and will contact nvidia.