Description of problem: $cat /var/log/audit/audit.log | grep execstack [skip] type=AVC msg=audit(1249399294.566:21455): avc: denied { execstack } for pid=10868 comm="blender.bin" scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process type=AVC msg=audit(1249399485.745:21456): avc: denied { execstack } for pid=11345 comm="gnome-falling-b" scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process type=AVC msg=audit(1249430143.379:20973): avc: denied { execstack } for pid=1633 comm="nautilus" scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process type=AVC msg=audit(1249437254.704:20980): avc: denied { execstack } for pid=3052 comm="empathy" scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=unconfined_u:unconfined_r:unconfined_t:s0 tclass=process $ empathy empathy: error while loading shared libraries: libGL.so.1: cannot enable executable stack as shared object requires: Permission denied After doing chcon -t execmem_exec_t, OpenGL application works well. $chcon -t execmem_exec_t /usr/bin/empathy Then, whenever updating new selinux-policy package, this issue appears, again. Version-Release number of selected component (if applicable): 3.6.26-2.fc12 How reproducible: always Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: selinux-policy-targeted-3.6.26-2.fc12.noarch libselinux-2.0.85-2.fc12.x86_64 policycoreutils-2.0.68-1.fc12.x86_64 checkpolicy-2.0.19-3.fc12.x86_64
Why does empathy need execstack?
This doesn't seem to be Empathy-specific..From the error message given, it looks like it's the Mesa libGL code that requires execstack features. Though why that is, and of why Empathy and Nautilus link to it explicitly in that way, I'm not certain. Adam, could you look into this please? :)
Try mesa-7.6-0.8.fc12 or newer.
Oops sorry! I use Nvidia proprietary driver.
*** This bug has been marked as a duplicate of bug 468678 ***