nVidia drivers and xorg

Stephen Smalley sds at tycho.nsa.gov
Wed May 18 12:24:50 UTC 2005

On Wed, 2005-05-18 at 07:32 +0100, Paul wrote:
> One interesting thing on the logs...
> audit(1116372981.492:0): avc: denied {execmod} for
> path=/usr/lib/tls/libnvidia-tls.so.1.0.7174 dev=hda5 ino=263999
> scotext=system_u:system_r:initrc_t tcontext=root:object_r:lib_t
> tclass=file
> Is SELinux objecting to it and if it is, how do I fix it? I have SELinux
> set to Permissive - Targetted.

chcon -t texrel_shlib_t /usr/lib/tls/libnvidia-tls.so.1.0.7174

This marks the shared object as requiring text relocation, and thus
allows it to happen in the policy (if allow_execmod boolean is
active; /usr/sbin/getsebool allow_execmod).

Looks like the policy needs to be updated as the existing regex for
nvidia in types.fc doesn't cover this case (it seems to assume that they
live in a nvidia subdirectory).

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list