Adobe Reader is not working in Fedora 17. $ acroread /opt/Adobe/Reader9/Reader/intellinux/bin/acroread: error while loading shared libraries: libcrypto.so.0.9.8: cannot enable executable stack as shared object requires: Permission denied $ ls -lhZ /opt/Adobe/Reader9/Reader/intellinux/bin/ -rwxr-xr-x. root root system_u:object_r:bin_t:s0 acroread -rwxr-xr-x. root root system_u:object_r:bin_t:s0 SynchronizerApp -rwxr-xr-x. root root system_u:object_r:bin_t:s0 SynchronizerApp-binary -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-desktop-icon -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-desktop-menu -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-email -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-icon-resource -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-mime -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-open -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-user-dir -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-user-dirs-update Strangely, chcon does not seem to have any effect: $ sudo chcon -t execmem_exec_t /opt/Adobe/Reader9/Reader/intellinux/bin/acroread $ ls -lhZ /opt/Adobe/Reader9/Reader/intellinux/bin/ -rwxr-xr-x. root root system_u:object_r:bin_t:s0 acroread -rwxr-xr-x. root root system_u:object_r:bin_t:s0 SynchronizerApp -rwxr-xr-x. root root system_u:object_r:bin_t:s0 SynchronizerApp-binary -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-desktop-icon -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-desktop-menu -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-email -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-icon-resource -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-mime -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-open -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-user-dir -rwxr-xr-x. root root system_u:object_r:bin_t:s0 xdg-user-dirs-update
Did you see sealert to this issue? If not, try to check it. It will tell you what to do. basically you can try to clear execstack flag or change a label.
sealert advises to use execstack, to set allow_execstack, or to report a bug. Acroread works after installing the generated SELinux module file.
Did you try to see if Adobe has shipped an executable that is marked as needing execstack even though it does not?
You would be more secure without turning on the allow_execstack boolean, but sadly there are lots of apps that mistakenly think they need it or some that actually do.
(In reply to comment #4) > You would be more secure without turning on the allow_execstack boolean, but > sadly there are lots of apps that mistakenly think they need it or some that > actually do. I installed the module file generated with sealert's help (in the bug report section), so I didn't turn the boolean on.