[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Beta on Beta: VMware Workstation 7 RC on F12B?

On Sun, 2009-10-25 at 15:47 -0400, David wrote:
> On 10/25/2009 2:22 PM, James Cassell wrote:
> > On Sun, 25 Oct 2009 09:42:39 -0400, Christopher A. Williams
> > <chriswfedora cawllc com> wrote:
> > 
> >> Just loaded my laptop with F12 beta. I need VMware Workstation 7 Beta
> > [...]
> >>
> >> If I could even just figure out how to get selinux into permissive mode,
> >> I think that would do the trick.
> > 
> > to do this at runtime, you can
> > # setenforce 0
> > 
> > however, next time you reboot, it will be enforcing again.
> > 
> >>
> >> Ideas?
> > 
> > I run VMware Server on Fedora.  Putting SELinux in permissive mode was
> > insufficient to get vmware to run.  I had to disable selinux entirely.
> > You can do this by editing /etc/selinux/config (you can also set in to
> > permissive from there)
> WOW! What a concept!
> In order to run a closed source 3rd party application that is
> misbehaving I will disable one of the very things that helps to protect
> my system from misbehaving 3rd party applications.

First, thanks to James for helping me solve the problem. Switching to
permissive mode allowed Workstation to install and run without any
further problems.

Next, the *concept* is actually this:
We're running B-E-T-A software here. That means we must do things to
find out how ALL software works on it, regardless of its license. This
isn't a misbehaving 3rd party closed source application. It's a 3rd
party application which is making a request that the selinux targeted
policy doesn't know anything about. We switch to permissive mode to flag
the issue in selinux and then report it. The selinux people then are
able to troubleshoot and resolve the problem by updating the targeted
policy accordingly.

So - to the the selinux folks: The issue appears to be that VMware
Workstation 7 RC is requesting access to portrelease, which makes sense
when you think of how it needs to set up virtual networks. Looks like it
may also be happening in F11. The fix is to create a policy for this to
be allowed for this application.

I will try to collect the bug and file a BZ for it next opportunity.



"You see things as they are and ask, 'Why?'
I dream things as they never were and ask, 'Why not?'"

-- George Bernard Shaw

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]