* textrel_shlib_t @ 2006-05-11 17:30 Valdis.Kletnieks 2006-05-11 19:08 ` textrel_shlib_t Daniel J Walsh 0 siblings, 1 reply; 4+ messages in thread From: Valdis.Kletnieks @ 2006-05-11 17:30 UTC (permalink / raw) To: selinux [-- Attachment #1: Type: text/plain, Size: 351 bytes --] (And yes, I *know* I can just chcon the sucker into submission...) I have a 3rd-party shared library, for which I have source. It's throwing a execmod AVC that can be worked around with textrel_shlib_t. What in the source code causes this, and what's a good fix? I'd like to create a patch and push it upstream so it will Just Work for others.... [-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: textrel_shlib_t 2006-05-11 17:30 textrel_shlib_t Valdis.Kletnieks @ 2006-05-11 19:08 ` Daniel J Walsh 2006-05-11 19:48 ` textrel_shlib_t Valdis.Kletnieks 0 siblings, 1 reply; 4+ messages in thread From: Daniel J Walsh @ 2006-05-11 19:08 UTC (permalink / raw) To: Valdis.Kletnieks; +Cc: selinux Valdis.Kletnieks@vt.edu wrote: > (And yes, I *know* I can just chcon the sucker into submission...) > > I have a 3rd-party shared library, for which I have source. It's > throwing a execmod AVC that can be worked around with textrel_shlib_t. > > What in the source code causes this, and what's a good fix? I'd > like to create a patch and push it upstream so it will Just Work for > others.... > > Ulrich explains it. http://people.redhat.com/~drepper/selinux-mem.html http://people.redhat.com/~drepper/dsohowto.pdf -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: textrel_shlib_t 2006-05-11 19:08 ` textrel_shlib_t Daniel J Walsh @ 2006-05-11 19:48 ` Valdis.Kletnieks 2006-05-11 20:04 ` textrel_shlib_t Daniel J Walsh 0 siblings, 1 reply; 4+ messages in thread From: Valdis.Kletnieks @ 2006-05-11 19:48 UTC (permalink / raw) To: Daniel J Walsh; +Cc: selinux [-- Attachment #1: Type: text/plain, Size: 383 bytes --] On Thu, 11 May 2006 15:08:07 EDT, Daniel J Walsh said: > http://people.redhat.com/~drepper/selinux-mem.html I had that one already, it mostly discusses using chcon as a workaround.. > http://people.redhat.com/~drepper/dsohowto.pdf Aha! Some digging through this one, and we find: The library in question wasn't compiled with -fpic or similar. This looks easy enough to fix. :) [-- Attachment #2: Type: application/pgp-signature, Size: 226 bytes --] ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: textrel_shlib_t 2006-05-11 19:48 ` textrel_shlib_t Valdis.Kletnieks @ 2006-05-11 20:04 ` Daniel J Walsh 0 siblings, 0 replies; 4+ messages in thread From: Daniel J Walsh @ 2006-05-11 20:04 UTC (permalink / raw) To: Valdis.Kletnieks; +Cc: selinux Valdis.Kletnieks@vt.edu wrote: > On Thu, 11 May 2006 15:08:07 EDT, Daniel J Walsh said: > > >> http://people.redhat.com/~drepper/selinux-mem.html >> > > I had that one already, it mostly discusses using chcon as a workaround.. > > >> http://people.redhat.com/~drepper/dsohowto.pdf >> > > Aha! Some digging through this one, and we find: > > The library in question wasn't compiled with -fpic or similar. > > This looks easy enough to fix. :) > BTW Read my blog today, as I talk about a lot of this stuff... How timely. Dan -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2006-05-11 20:02 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2006-05-11 17:30 textrel_shlib_t Valdis.Kletnieks 2006-05-11 19:08 ` textrel_shlib_t Daniel J Walsh 2006-05-11 19:48 ` textrel_shlib_t Valdis.Kletnieks 2006-05-11 20:04 ` textrel_shlib_t Daniel J Walsh
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.