3rd party shared objects won't work without disabling SELinux
Stephen Smalley
sds at tycho.nsa.gov
Thu Jan 26 13:35:44 UTC 2006
On Wed, 2006-01-25 at 16:16 -0800, Lonni J Friedman wrote:
> Hello,
> I'm working on an application that requires 3rd party (outside of what
> ships with FC) shared libraries. With FC4, I'm not having any
> problems. Up until just a few days ago, everything was working in
> FC5-test2 as well.
>
> However it seems that some update suddenly broke things in such a way
> that unless I completely disable SELinux, I cannot load/access the
> shared objects that I installed. When I attempt to do so, I get the
> following error:
> cannot enable executable stack as shared object requires: Permission denied
>
> Can someone point out what SELinux foo I might be missing here?
For discussion of the same issue for another application and DSO, see:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178924
and
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170187
Can you run 'execstack -c' on the shared object? If that succeeds, does
the program then work? Also, check your /var/log/audit/audit.log for
any other AVC denials.
--
Stephen Smalley
National Security Agency
More information about the fedora-selinux-list
mailing list