Mount & SELinux problems, session saving in GNOME

Stephen Smalley sds at
Mon Apr 17 16:12:53 UTC 2006

On Mon, 2006-04-17 at 18:58 +0300, Lauri wrote:
> To try that I enabled SELinux again. It relabelled the system and now
> gives new error:
>    Apr 17 18:33:08 localhost kernel: [drm] Loading R200 Microcode
>    Apr 17 18:33:10 localhost kernel: audit(1145287990.371:10): avc: 
> denied  { execmod } for  pid=3964 comm="metacity" name="" 
> dev=hda5 ino=1235892 scontext=user_u:system_r:unconfined_t:s0 
> tcontext=system_u:object_r:lib_t:s0 tclass=file

Hmmm...and /usr/lib is on your ext3 filesystem?
# /sbin/restorecon -v /usr/lib/

That should be textrel_shlib_t.  Looks ok on an up-to-date FC5 system

> As I understand, it tries to load some files from /usr/lib/ati-fglrx.
> GNOME fails to start.
> I'm using ext3 for / and reiserfs for some additional partitions
> (/data1, /data2).

In that case, the local policy module + context mount option should
enable you to access the reiserfs partitions sufficiently.

Stephen Smalley
National Security Agency

More information about the fedora-selinux-list mailing list