FC3 " avc: denied" issue
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon Dec 27 16:04:45 UTC 2004
On Tue, 28 Dec 2004 02:36:07 +1100, Russell Coker said:
> So what do they do instead? Force a binary-only module to be loaded into a
> kernel of a version other than the one it was created for? That's a recipe
> for disaster! I hope that the users of the NVidia drivers don't have any
> important data on their machines...
No, what they do is a big binary-only blob, and a little 30K shim for each
kernel version (even compiling one from source if it's a kernel it doesn't know
but there's a usable source tree to build against).
>> (Hell, just the last 48 hours I had a mysterious X.org issue caused by two
>> conflicting NVidia libraries, a crufty one in one directory, a current
>> version in another, and the symptoms depended on what order ldconfig found
>> things in ld.so.conf....)
> It seems that the NVidia drivers suck in many ways.
No, this one was self-inflicted. :) Merely intended to point out the sort of
user screw-ups they need to worry about (what, you don't think some user is
going to say 'rpm -Uvh --force' to get the wrong version installed and then
call for help? ;)
NVidia *is* trying to DTRT thing here - they're hampered by the fact that a lot
of their code is licensed from others. The most productive thing to do here is
to collectively figure out what NVidia's installer needs to do to cooperate
with the FC3/4 environment (there's several SELinux gotchas, and it probably
needs to leave the right clues for udev - after the latest udev RPM went on my
laptop this weekend, my /dev/nvidia* devices didn't show up at next reboot).
It looks like the SELinux policy already has all the needed hooks for NVidia,
just their installer needs to make sure it nails *all* the right 'restorecon'
commands (at least for SELinux issues).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20041227/4e820b85/attachment.sig>
More information about the fedora-selinux-list
mailing list