Nvidia and selinux
Boy Hartsuiker
bm.hartsuiker at gmail.com
Sat Jun 16 22:21:44 UTC 2007
Om: Sat, 16 Jun 2007 23:50:50 +0200, Tanguy Eric wrote:
> Since today's update, i can't run nvidia drivers without adding
> selinux=0 to the kernel parameters. Without this the x server don't
> start :type=AVC msg=audit(1182029670.355:86): avc: denied { execstack
> } for
> pid=2634 comm="Xorg"
> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023
> tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tclass=process
> type=SYSCALL msg=audit(1182029670.355:86): arch=40000003 syscall=125
> success=no exit=-13 a0=bfe12000 a1=1000 a2=1000007 a3=fffff000 items=0
> ppid=2633 pid=2634 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
> egid=0 sgid=0 fsgid=0 tty=tty7 comm="Xorg" exe="/usr/bin/Xorg"
> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
run "system-config-security"
In the menu "Memory Protection" check the 5th box that says "...make their
stack executable..."
If I remember correctly you'll have to allow "...map region as both
executable and writable..." too, but I'm not sure
--
Boy Hartsuiker
More information about the fedora-list
mailing list