3rd party shared objects won't work without disabling SELinux
Lonni J Friedman
netllama at gmail.com
Thu Jan 26 17:08:25 UTC 2006
On 1/26/06, Stephen Smalley <sds at tycho.nsa.gov> wrote:
> On Wed, 2006-01-25 at 16:16 -0800, Lonni J Friedman wrote:
> > Hello,
> > I'm working on an application that requires 3rd party (outside of what
> > ships with FC) shared libraries. With FC4, I'm not having any
> > problems. Up until just a few days ago, everything was working in
> > FC5-test2 as well.
> >
> > However it seems that some update suddenly broke things in such a way
> > that unless I completely disable SELinux, I cannot load/access the
> > shared objects that I installed. When I attempt to do so, I get the
> > following error:
> > cannot enable executable stack as shared object requires: Permission denied
> >
> > Can someone point out what SELinux foo I might be missing here?
>
> For discussion of the same issue for another application and DSO, see:
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=178924
> and
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=170187
>
> Can you run 'execstack -c' on the shared object? If that succeeds, does
well, yes & no. It seems to fix one problem, but then causes another.
> the program then work? Also, check your /var/log/audit/audit.log for
> any other AVC denials.
Thanks, this gives me enough info to have a starting point to work on
this further. I'll speak up if I have more questions/problems that I
can't figure out.
-Lonni
More information about the selinux
mailing list