realplayer

Tom London selinux at gmail.com
Fri Oct 22 16:13:03 UTC 2004 

Running rawhide, strict/enforcing.

After installing the RealPlayer 10 rpm (installs mostly into /usr/local/....),
have no problem running realplayer in permissive mode.

It did through off the 'ld.so.cache' avc:

Oct 18 06:55:58 fedora kernel: audit(1098107758.752:0): avc:  denied 
{ execute } for  pid=3956 path=/etc/ld.so.cache dev=hda2 ino=4474151
scontext=user_u:user_r:user_t tcontext=system_u:object_r:ld_so_cache_t
tclass=file

I was not surprised, since the files were not properly labeled.

Using the labels from HelixPlayer as a guide, I relabled RealPlayer's
installed files (mostly changing .so -> shlib_t, etc.)

This fixed the 'ld.so.cache' avc, but now I'm stumped with the following:

Oct 22 08:58:36 fedora kernel: audit(1098460716.425:0): avc:  denied 
{ execute } for  pid=19845 path=/usr/lib/locale/locale-archive
dev=hda2 ino=4117048 scontext=user_u:user_r:user_t
tcontext=system_u:object_r:locale_t tclass=file
Oct 22 08:58:36 fedora kernel: audit(1098460716.426:0): avc:  denied 
{ execute } for  pid=19845
path=/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION dev=hda2 ino=4444372
scontext=user_u:user_r:user_t tcontext=system_u:object_r:locale_t
tclass=file

Execute for locale files????  

I tried 'strace ./realplay.bin' and got:

<<<<<SNIP>>>>>
munmap(0xe5d000, 135566)                = 0
set_tid_address(0xc5c928)               = 19906
rt_sigaction(SIGRTMIN, {0x2c23a0, [], SA_RESTORER|SA_SIGINFO,
0x2c98a0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x2c2410, [],
SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x2c98a0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM_INFINITY}) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xfefff5a8, 31, (nil), 0}) = 0
brk(0)                                  = 0x80d5000
brk(0x80f6000)                          = 0x80f6000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=38674048, ...}) = 0
mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = -1 EACCES
(Permission denied)
close(3)                                = 0
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2528, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xe36000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2528
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0xe36000, 4096)                  = 0
open("/usr/lib/locale/en_US.UTF-8/LC_IDENTIFICATION", O_RDONLY) = -1
ENOENT (No such file or directory)
open("/usr/lib/locale/en_US.utf8/LC_IDENTIFICATION", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=365, ...}) = 0
mmap2(NULL, 365, PROT_READ, MAP_PRIVATE, 3, 0) = -1 EACCES (Permission denied)
close(3)                                = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++

Is this related to the previously reported (and fixed, I thought)
mmap() problem?   Something else?

thanks,
   tom

-- 
Tom London

More information about the fedora-selinux-list mailing list