New Policy Doesn't Fix It

Stephen Smalley sds at
Fri Jun 17 11:40:23 UTC 2005

On Fri, 2005-06-17 at 06:58 -0400, Daniel J Walsh wrote:
> Are you sure you have allow_execmod set?
> setsebool -P allow_execmod=1

Per the avc message, the file was labeled usr_t
(/opt/openoffice.org1.9.104/program/  So unless
you are allowing execmod to all file types (not a good idea), that
wouldn't help.  It would need to be texrel_shlib_t (preferably) or at
least shlib_t (not sure what you allow in targeted policy).

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list