SELinux fails to apply local policy module
by Suvayu Ali
Hi,
I use CrossOver (based on Wine) to run a Windows game. Everytime
CrossOver runs something, I get this avc denial.
SELinux is preventing wine-preloader from mmap_zero access on the
memprotect .
Raw Audit Messages from sealert:
type=AVC msg=audit(1365802456.473:13663): avc: denied { mmap_zero }
for pid=24734 comm="wine-preloader"
scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
tclass=memprotect
So I tried following the instructions to generate a local policy module:
# grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
But this fails like this:
libsepol.scope_copy_callback: passanger: Duplicate declaration in
module: type/attribute passenger_tmp_t (No such file or directory).
libsemanage.semanage_link_sandbox: Link packages failed (No such file
or directory). semodule: Failed!
So I have two questions,
1. is something missing in my system that the above fails?
2. is there a better way to resolve this other than generating a local
policy module?
Thanks in advance,
PS: I am almost clueless about SELinux, so please bear with me.
--
Suvayu
Open source is the future. It sets us free.
11 years
selinux-policy syntax errors?
by Zoltan Boszormenyi
Hi,
I was running "yum upgrade" and these were printed:
...
Frissítés : selinux-policy-targeted-3.11.1-90.fc18.noarch 47/139
***************************************************************************************************************************************
Frissítés : selinux-policy-doc-3.11.1-90.fc18.noarch 48/139
Frissítés : selinux-policy-devel-3.11.1-90.fc18.noarch 49/139
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63391 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63392 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63393 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63394 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63395 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63396 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63397 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63398 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63399 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63400 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63409 '
[type=SQUOTE]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63431 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63432 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63433 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63434 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63435 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63436 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63437 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63438 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63439 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63440 :
[type=COLON]
/usr/share/selinux/devel/include/services/xserver.if: Syntax error on line 63458 '
[type=SQUOTE]
Frissítés : krb5-workstation-1.10.3-15.fc18.x86_64 50/139
...
These rpms and drpms were downloaded:
selinux-policy-devel-3.11.1-87.fc18_3.11.1-90.fc18.noarch.drpm
selinux-policy-doc-3.11.1-87.fc18_3.11.1-90.fc18.noarch.drpm
selinux-policy-3.11.1-90.fc18.noarch.rpm
selinux-policy-targeted-3.11.1-90.fc18.noarch.rpm
Should I worry about these messages? BZ#953824
Thanks in advance,
Zoltán Böszörményi
11 years
cross-platform notes / tomboy / evernote
by SternData
I've been using Tomboy for ages to keep track of all sorts of stuff, but
now I need to have that same info available on other platforms (e.g.,
my Mac, iPad, iPhone), so I'm thinking that Evernote is the solution.
Have you tried "nixnote"?
What are your solutions for making your notes portable?
--
-- Steve
11 years
The Virt-Manager Storage Disks Fedora 18 host.
by Frank Murphy
I have 5 physical disks, on which the virt-images are stored.
What I have found is for whatever reason, I need to put a new
disk or disk-controller card into the host machine.
It can changes the order of the disks as seen by the host.
So vm's may not start as the physical disk they are on eg: /dev/sdd
is now /dev/sdf or or /dev/sdc
What can I do to protect myself from this in the future.
--
Regards,
Frank
http//www.frankly3d.com
11 years
How to disable fsck of root-filesystem at boot time?
by Clemens Eisserer
Hi,
I would like to run Fedora on a nilfs2 root-partition.
For now I only added the nilfs2-module to dracut.conf and it loads
fine up to the point where it tries to execute the non-existing
fsck.nilfs2.
Is there any way to disable the execution of fsck.nilfs2?
Thanks, Clemens
11 years
How to avoid ARP flux issue in linux?
by Kevin Peterson
Hi,
I have a setup where eth0 and eth1 interfaces are in same broadcast domain.
But i have a virtual IP configured on eth1 and a physical ip on eth0.
It is observed that if eth0 is default route then eth0 will respond to arp request for the IP configured on eth1.
This would cause an issue since traffic will be routed via eth0.
Thanks,
Kevin Peterson
11 years
