Nvidia and selinux
Tanguy Eric
eric.tanguy at univ-nantes.fr
Sun Jun 17 07:07:55 UTC 2007
Le dimanche 17 juin 2007 à 00:24 +0200, Boy Hartsuiker a écrit :
> On Sun, 17 Jun 2007 00:21:44 +0200, Boy Hartsuiker
> <bm.hartsuiker at gmail.com> wrote:
>
> > Om: Sat, 16 Jun 2007 23:50:50 +0200, Tanguy Eric wrote:
> >> Since today's update, i can't run nvidia drivers without adding
> >> selinux=0 to the kernel parameters. Without this the x server don't
> >> start :type=AVC msg=audit(1182029670.355:86): avc: denied { execstack
> >> } for
> >> pid=2634 comm="Xorg"
> >> scontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023
> >> tcontext=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 tclass=process
> >> type=SYSCALL msg=audit(1182029670.355:86): arch=40000003 syscall=125
> >> success=no exit=-13 a0=bfe12000 a1=1000 a2=1000007 a3=fffff000 items=0
> >> ppid=2633 pid=2634 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
> >> egid=0 sgid=0 fsgid=0 tty=tty7 comm="Xorg" exe="/usr/bin/Xorg"
> >> subj=system_u:system_r:xdm_xserver_t:s0-s0:c0.c1023 key=(null)
> >
> > run "system-config-security"
> > In the menu "Memory Protection" check the 5th box that says "...make
> > their stack executable..."
> > If I remember correctly you'll have to allow "...map region as both
> > executable and writable..." too, but I'm not sure
> >
>
> Sorry, "system-config-selinux", not "system-config-security"
>
Thanks
It works.
Eric
More information about the fedora-list
mailing list