SELinux is preventing /usr/bin/boinc_client from using the 'execstack' accesses on a process. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that boinc_client should be allowed execstack access on processes labeled boinc_t by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep /usr/bin/boinc_client /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:system_r:boinc_t:s0 Target Context unconfined_u:system_r:boinc_t:s0 Target Objects Unknown [ process ] Source boinc_client Source Path /usr/bin/boinc_client Port <Unknown> Host (removed) Source RPM Packages boinc-client-6.10.45-2.r21128svn.fc14 Target RPM Packages Policy RPM selinux-policy-3.9.7-18.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 2.6.35.10-72.fc14.x86_64 #1 SMP Mon Dec 20 21:14:22 UTC 2010 x86_64 x86_64 Alert Count 1 First Seen Fri 24 Dec 2010 15:56:32 GMT Last Seen Fri 24 Dec 2010 15:56:32 GMT Local ID 1f6a7739-446f-4da1-875b-01d87ed24eed Raw Audit Messages type=AVC msg=audit(1293206192.27:34): avc: denied { execstack } for pid=3109 comm="boinc_client" scontext=unconfined_u:system_r:boinc_t:s0 tcontext=unconfined_u:system_r:boinc_t:s0 tclass=process boinc_client,boinc_t,boinc_t,process,execstack type=SYSCALL msg=audit(1293206192.27:34): arch=x86_64 syscall=mprotect success=no exit=EACCES a0=7fff6223a000 a1=1000 a2=1000007 a3=3a26821000 items=0 ppid=1 pid=3109 auid=500 uid=489 gid=473 euid=489 suid=489 fsuid=489 egid=473 sgid=473 fsgid=473 tty=(none) ses=1 comm=boinc_client exe=/usr/bin/boinc_client subj=unconfined_u:system_r:boinc_t:s0 key=(null) boinc_client,boinc_t,boinc_t,process,execstack #============= boinc_t ============== allow boinc_t self:process execstack;
*** This bug has been marked as a duplicate of bug 665453 ***