I've played around a bit more using a very simple Windows program called
"Casio" ( the programmer for my Casio PC Unite watch, which I know works
quite well under Wine under older setups), and have found the following
information:
* The "wine_main_preload_info not found" message is coming from the
wine-preloader - the "wine" executable lacks the data structure that
wine-preloader is looking for, but wine-pthread and wine-kthread have this.
* wine-kthread won't run.
* wine-pthread will.
* For whatever reason, I cannot run a Windows program with "wine", but I
can run it with "wine-pthread":
>[wowbaggr@surfer bin]$ wine ./casio
>wine_main_preload_info not found
>wine_main_preload_info not found
>wine: could not load L"Z:\\bin\\casio.": Invalid address
>[wowbaggr@surfer bin]$ wine-pthread ./casio
>libGL warning: 3D driver claims to not support visual 0x4c
>wine_main_preload_info not found
>err:dosmem:setup_dos_mem Cannot use first megabyte for DOS address
space, please report
>libGL warning: 3D driver claims to not support visual 0x4c
(and the program runs)
* Side note: If I just type "wine casio" (casio being in the current
directory) then Wine cannot find it - wine does not look in the current
working directory.
* If I have "wine-pthread" set as the binfmt interpreter for Windows PE
files:
>cat /proc/sys/fs/binfmt_misc/DOSWin
>enabled
>interpreter /usr/bin/wine/wine-pthread
>flags:
>offset 0
>magic 4d5a
Then I *cannot* run the casio program directly - I get an AVC error
>Jul 30 19:01:42 surfer kernel: audit(1154304102.342:1745): avc:
denied { execmem } for pid=13475 comm="casio"
scontext=user_u:system_r:unconfined_t:s0
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
* If I set the security contect for the binary "casio" the same as
"wine" then it runs:
>[wowbaggr@surfer bin]$ ls -lZ casio
>-rwxr-xr-x wowbaggr wowbaggr system_u:object_r:wine_exec_t casio
This leads me to the conclusion that ideally, when run as the
interpreter for a PE executable via binfmt_misc, Wine needs to set the
process security context appropriately to allow for programs to run.
I've not looked into whether it is possible for a running process to
change its security context in this manner - if not, then at the very
least when Wine creates an EXE on behalf of an installer, in addition to
setting the execute permissions bit, it needs to set the security
context as well, or at least force a relabel of the file.
(Note: In all of the above, if an AVC denial occurred, or indeed any
other interesting event logged to syslog occurred, I mentioned it.)
_______________________________________________
wine-users mailing list
wine-users@xxxxxxxxxx
http://www.winehq.org/mailman/listinfo/wine-users
