On Tue, 2005-04-12 at 02:27 +0200, Sander Hoentjen wrote:
Hi,
I get the following error in my log:
audit(1113264360.332:0): avc: denied { execmod } for pid=3261
comm=wish
path=/home/tjikkun/programs/amsn-extras/plugins/tls1.4/libtls1.4.so
dev=hda2 ino=243257 scontext=user_u:system_r:unconfined_t
tcontext=user_u:object_r:user_home_t tclass=file
It happens when I try to use aMSN which in turn wants to use this lib. I
am a developer of aMSN and I would really like to know what is the best
way to fix it. I guess I could change my policy or something(?), but
when we distribute aMSN I would like to have it working
"out-of-the-box". Any ideas on how to make this happen?
See if the library requires text relocations:
readelf -d <your library> |grep TEXTREL
If so, try to fix that. I'm not sure how - maybe compile with -fPIC?
If it can't be fixed, it can be marked texrel_shlib_t to make it work,
but the user would have to enable the allow_execmod boolean. I'm not
sure if targeted policy has it enabled by default.
--
Ivan Gyurdiev <ivg2(a)cornell.edu>
Cornell University