home dir issues w/ latest policy

[Bob Kashani]

On Fri, 2005-06-10 at 19:51 -0400, Ivan Gyurdiev wrote:
> On Fri, 2005-06-10 at 19:46 -0400, Ivan Gyurdiev wrote:
> > > [medieval at chaucer ~]$ touch tmpfile
> > > [medieval at chaucer ~]$ ls -Z tmpfile
> > > -rw-rw-r--  medieval medieval user_u:object_r:user_home_t      tmpfile
> > 
> > The user is user_u, but the type is user_home_t. This is normal.
> 
> Unless you have a user defined in /etc/selinux/targeted/*.users, 
> in which case make sure the policy upgrade didn't replace any of 
> those files, and erase your user.

Thanks Ivan for the info. For some reason everything in my home dir was
labeled as system_u and so I thought maybe something was up. :)

Now for the problem that I'm having:

Jun 10 20:57:47 chaucer kernel: audit(1118462267.758:0): avc:  denied
{ execmod } for  pid=20348 comm=lt-glib-genmars
path=/mnt/hdb1/home/gnome/garnome-2.11-20050610.1755/platform/glib/work/main.d/glib-2.6.4/glib/.libs/libglib-2.0.so.0.600.4 dev=hdb1 ino=4407601 scontext=user_u:system_r:unconfined_t tcontext=user_u:object_r:user_home_t tclass=file

When I try to compile garnome in my home dir I get the above avc and the
build stops. Do you know what has changed in the most recent policy
update that would cause this?

Here is the build error that I get:

/mnt/hdb1/home/gnome/garnome-2.11-20050610.1755/platform/glib/work/main.d/glib-2.6.4/gobject/.libs/lt-glib-genmarshal: error while loading shared libraries: /mnt/hdb1/home/gnome/garnome-2.11-20050610.1755/platform/glib/work/main.d/glib-2.6.4/glib/.libs/libglib-2.0.so.0: cannot restore segment prot after reloc: Permission denied
make[11]: *** [stamp-gmarshal.h] Error 127

When I turn off selinux everything builds fine.

Bob

-- 
Bob Kashani
http://www.ocf.berkeley.edu/~bobk/garnome