On Mon, 2005-03-28 at 14:31 +0200, Aurelien Bompard wrote:
Ivan Gyurdiev wrote:
> On Mon, 2005-03-28 at 13:46 +0200, Aurelien Bompard wrote:
>> Ivan Gyurdiev wrote:
>> > On Mon, 2005-03-28 at 12:55 +0200, Aurelien Bompard wrote:
>> >> Dave Jones wrote:
>> >> > Product : Fedora Core 3
>> >> > Name : kernel
>> >> > Version : 2.6.11
>> >> > Release : 1.7_FC3
>> >>
>> >> With this kernel, snmpd fails to start, probably due to a selinux
>> >> error : snmpd: /usr/sbin/snmpd: error while loading shared libraries:
>> >> libbeecrypt.so.6: cannot enable executable stack as shared object
>> >> requires: Permission denied
>> >
>> > Are there any related avc messages in the log (dmesg) ?
>>
>> Yes:
>> audit(1112010219.531:0): avc: denied { execmem } for pid=4806
>> comm=snmpd scontext=user_u:system_r:snmpd_t
>> tcontext=user_u:system_r:snmpd_t tclass=process
>
> I don't get this denial on rawhide - maybe it was fixed.
> See if there is an allow_execmem boolean, and enable that to
> work around the denial.
Thanks, but the only boolean about snmp on FC3 is snmpd_disable_trans.
Could we have a selinux update too if this kernel is pushed to the official
updates ?
cc-ed fedora-selinux-list.
--
Ivan Gyurdiev <ivg2(a)cornell.edu>
Cornell University