no more desktop after 20060720 updates
Jim Cornette
fct-cornette at insight.rr.com
Sun Jul 23 22:17:41 UTC 2006
Horst H. von Brand wrote:
> Tom London <selinux at gmail.com> wrote:
>
> [Gnome starts (after a /long/ time, no windows decorations, terminal shows
> up in left upper corner]
>> Is 'metacity' running?
>
> Nope.
>
>> Try starting it from one of your (misplaced) terminal windows:
>> 'metacity&' and see what happens.
>
> metacity: error while loading shared libraries: libGL.so.1: failed to map
> segment from shared object: Permission denied
>
> /usr/lib/libGL.so.1.2 is root:root rwxr-xr-x
>
> No further libGL related stuff in /var/log/messages
>
> selinux-policy-targeted-2.3.3-9, mesa-libGL-6.5-13.1.fc6
I also have mesa-libGL-6.5-13.1.fc6 installed.
I tried this with SELinux off and with it on. I get the error with
enforcing but not with permissive.
metacity: error while loading shared libraries: libGL.so.1: failed to
map segment from shared object: Permission denied
It works with enforcing off for me.
/var/log/audit/audit.log contains denials. The execmem limitation is the
problem stated from past discussions. It was stated that a program is
bad if it needs execmem. That was the last discussion I heard about this
error.
There were no mesa-libGL package upgrades that I noted since the error
started.
Jim
type=MAC_STATUS msg=audit(1153692103.842:53): enforcing=0
old_enforcing=1 auid=0
type=SYSCALL msg=audit(1153692103.842:53): arch=40000003 syscall=4
success=yes exit=1 a0=3 a1=bfddd7c4 a2=1 a3=bfddd7c4 items=0 ppid=2544
pid=2621 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=tty1 comm="setenforce" exe="/usr/sbin/setenforce"
subj=root:system_r:unconfined_t:s0-s0:c0.c255 key=(null)
type=AVC msg=audit(1153692103.858:54): avc: denied { dac_override }
for pid=1695 comm="python" capability=1
scontext=system_u:system_r:setroubleshoot_t:s0
tcontext=system_u:system_r:setroubleshoot_t:s0 tclass=capability
type=SYSCALL msg=audit(1153692103.858:54): arch=40000003 syscall=33
success=yes exit=0 a0=8c24588 a1=2 a2=1045a64 a3=0 items=1 ppid=1660
pid=1695 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0
fsgid=0 tty=(none) comm="python" exe="/usr/bin/python"
subj=system_u:system_r:setroubleshoot_t:s0 key=(null)
type=CWD msg=audit(1153692103.858:54): cwd="/"
type=PATH msg=audit(1153692103.858:54): item=0 name="/var/lib/rpm"
inode=195650 dev=03:06 mode=040755 ouid=37 ogid=37 rdev=00:00
obj=system_u:object_r:rpm_var_lib_t:s0
type=AVC msg=audit(1153692118.295:55): avc: denied { execmem } for
pid=2623 comm="metacity" scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
type=SYSCALL msg=audit(1153692118.295:55): arch=40000003 syscall=192
success=yes exit=67481600 a0=405b000 a1=5000 a2=7 a3=812 items=0
ppid=2598 pid=2623 auid=500 uid=500 gid=501 euid=500 suid=500 fsuid=500
egid=501 sgid=501 fsgid=501 tty=pts2 comm="metacity"
exe="/usr/bin/metacity" subj=user_u:system_r:unconfined_t:s0 key=(null)
More information about the fedora-test-list
mailing list