SELinux and execheap
Andrea Musuruane
musuruan at gmail.com
Thu Aug 21 17:09:46 CEST 2008
Hi all,
As you main know, I maintain e-uae in RPM Fusion. Unluckily it
requires an executable heap and SELinux complains about this.
Therefore I try to tell SELinux that this program is OK to require an
executable heap and not to worry about. I read that changing the
context of the executable to unconfined_execmem_exec_t should be
enough.
This is the scriptlet I tried to make, but it doesn't work.
%post
[...]
semanage fcontext -a -t unconfined_execmem_exec_t %{_bindir}/uae
>/dev/null 2>&1 || :
restorecon -R %{_bindir}/uae
%postun
[...]
if [ "$1" -eq "0" ]; then
semanage fcontext -d -t unconfined_execmem_exec_t %{_bindir}/uae
>/dev/null 2>&1 || :
fi
Any idea what is wrong? A link to proper documentation should be
helpful too. I Googled a lot without finding anything really useful :(
Thanks.
Bye,
Andrea.
More information about the rpmfusion-developers
mailing list