Hide Forgot
Summary: SELinux is preventing /opt/google/chrome/chrome from loading /opt/google/chrome/chrome which requires text relocation. Detailed Description: The chrome application attempted to load /opt/google/chrome/chrome which requires text relocation. This is a potential security problem. Most libraries do not need this permission. Libraries are sometimes coded incorrectly and request this permission. The SELinux Memory Protection Tests (http://people.redhat.com/drepper/selinux-mem.html) web page explains how to remove this requirement. You can configure SELinux temporarily to allow /opt/google/chrome/chrome to use relocation as a workaround, until the library is fixed. Please file a bug report. Allowing Access: If you trust /opt/google/chrome/chrome to run correctly, you can change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t '/opt/google/chrome/chrome'" You must also change the default file context files on the system in order to preserve them even on a full relabel. "semanage fcontext -a -t textrel_shlib_t '/opt/google/chrome/chrome'" Fix Command: chcon -t textrel_shlib_t '/opt/google/chrome/chrome' Additional Information: Source Context unconfined_u:unconfined_r:unconfined_execmem_t:s0- s0:c0.c1023 Target Context system_u:object_r:execmem_exec_t:s0 Target Objects /opt/google/chrome/chrome [ file ] Source chrome Source Path /opt/google/chrome/chrome Port <Unknown> Host (removed) Source RPM Packages google-chrome-stable-14.0.835.163-101024 Target RPM Packages google-chrome-stable-14.0.835.163-101024 Policy RPM selinux-policy-3.6.32-41.fc12 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name allow_execmod Host Name (removed) Platform Linux (removed) 2.6.31.5-127.fc12.i686.PAE #1 SMP Sat Nov 7 21:25:57 EST 2009 i686 i686 Alert Count 15 First Seen Tue 20 Sep 2011 06:35:37 AM IST Last Seen Tue 20 Sep 2011 06:41:12 AM IST Local ID e74f927d-9763-4db4-83f1-04812effd0a3 Line Numbers Raw Audit Messages node=(removed) type=AVC msg=audit(1316481072.542:23218): avc: denied { execmod } for pid=1949 comm="chrome" path="/opt/google/chrome/chrome" dev=sda7 ino=272875 scontext=unconfined_u:unconfined_r:unconfined_execmem_t:s0-s0:c0.c1023 tcontext=system_u:object_r:execmem_exec_t:s0 tclass=file node=(removed) type=SYSCALL msg=audit(1316481072.542:23218): arch=40000003 syscall=125 success=no exit=-13 a0=b4621000 a1=31fd000 a2=5 a3=bf8a3fd0 items=0 ppid=1 pid=1949 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="chrome" exe="/opt/google/chrome/chrome" subj=unconfined_u:unconfined_r:unconfined_execmem_t:s0-s0:c0.c1023 key=(null) Hash String generated from selinux-policy-3.6.32-41.fc12,allow_execmod,chrome,unconfined_execmem_t,execmem_exec_t,file,execmod audit2allow suggests: #============= unconfined_execmem_t ============== allow unconfined_execmem_t execmem_exec_t:file execmod;
Fedora12 is no longer supported. Please update to a newer Fedora release.