On 01/07/2013 11:51 AM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/06/2013 06:55 PM, nonamedotc wrote:
Could anyone please shed some light on this selinux warning?
SELinux is preventing /usr/bin/python2.7 from using the execmem access on
a process.
Plugin: catchall you want to allow python2.7 to have execmem access on the
processIf you believe that python2.7 should be allowed execmem access on
processes labeled blueman_t by default. You should report this as a bug.
You can generate a local policy module to allow this access. Allow this
access for now by executing: # grep blueman-mechani
/var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp
This selinux alert appears on every login. Thanks.
http://www.akkadia.org/drepper/selinux-mem.html
execmem access is basically allowing an application to write and execute the
same memory. This is required for most buffer overflow attacks. We prevent
most confined applications from this access. Some tools need this kind of
access, usually needed for JIT compiled apps like mono and java. But few
applications actually need it.
What avc did you get? Did you open a bugzilla with selinux-policy or bluman?
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iEYEARECAAYFAlDrCz0ACgkQrlYvE4MpobNFtwCguO2SfFhjqllesTm/cJjSXsk+
LLQAoL58MoZGm3DgYRBvZYsYPKzfEAa4
=FYNK
-----END PGP SIGNATURE-----
My temporary fix had been to get rid of blueman and since I had
absolutely no idea what to say, I have not filed a bug on anything yet.
I will reinstall blueman and send more information here and file a bug.
Thanks for the reply.
--
nonamedotc
--
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe:
https://admin.fedoraproject.org/mailman/listinfo/test
