On Sat, 2006-08-12 at 07:48 -0400, Daniel J Walsh wrote:
> >
> > I am also having problems with totem-mozplugin, totem's plugin for
> > firefox.
> >
> > Aug 11 16:18:15 soncomputer kernel: audit(1155327494.846:63): avc:
> > denied { execstack } for pid=11603 comm="totem-mozilla-v"
> > scontext=user_u:system_r:unconfined_t:s0
> > tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> >
> > Aug 11 16:18:15 soncomputer kernel: audit(1155327494.850:64): avc:
> > denied { execstack } for pid=11603 comm="totem-mozilla-v"
> > scontext=user_u:system_r:unconfined_t:s0
> > tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> >
> > Aug 11 16:18:15 soncomputer kernel: audit(1155327494.850:65): avc:
> > denied { execstack } for pid=11603 comm="totem-mozilla-v"
> > scontext=user_u:system_r:unconfined_t:s0
> > tcontext=user_u:system_r:unconfined_t:s0 tclass=process
> >
> >
> You have two choices with this turn on allow_execstack boolean or label
> firefox unconfined_execmem_exec_t.
Actually there is a better choice. Rather than change the context for
totem (and firefox and pitivi and rhythmbox and everything else that
uses gstreamer) you can just change the context of the pitfdll plugin
that is causing problems. It needs to exec its own modifiable memory
since it loads .dll files on to the heap, and then executes code that it
cuts out of them. Try this:
chcon -t texrel_shlib_t /usr/lib/gstreamer-0.10/libpitfdll.so
Cheers,
-Aaron
--
sig@xxxxxxxxxx
Plead the First.
--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
