On Thu, 23 Sep 2004 20:54, Gunnar Hilling <fedora.gunnar@xxxxxxxxxx> wrote:
> Sep 23 12:50:45 nelson kernel: audit(1095936645.518:0): avc: denied {
> execute } for pid=4862 path=/lib/tls/i686/libdb-4.2.so dev=dm-5
> ino=234979213 scontext=root:system_r:httpd_t
> tcontext=system_u:object_r:lib_t tclass=file
>
> Anyone could fix this in the policy (cause I can't...).
The attached patch to the policy source fixes the problem.
If you don't use the policy source then just append the following line
to /etc/selinux/targeted/contexts/files/file_contexts and then use restorecon
to fix the context of the file.
/lib(64)?/tls/i.86/[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
--- file_contexts/types.fc 2004-09-23 22:31:19.000000000 +1000
+++ file_contexts/types.fc 2004-09-23 22:35:06.000000000 +1000
@@ -302,7 +297,7 @@
/lib(64)?/[^/]*/lib[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
/lib(64)?/security/[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
/lib(64)?/tls/i686/cmov/[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
-/lib(64)?/tls/i486/[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
+/lib(64)?/tls/i.86/[^/]*\.so(\.[^/]*)* -- system_u:object_r:shlib_t
#
# /sbin
