Bugzilla – Bug 320421
[PATCH] mono and SELinux don't get along too well
Last modified: 2007-09-15 21:24:46 UTC
---- Reported by rstrode@redhat.com 2006-02-27 12:31:52 MST ---- From https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182965 "mono requires execmem to run. SELinux can not happen because the executable needs execment to even get started. Basically I get an execmem failure from unconfined_t before mono starts. If I allow execmem in SELinux mono will transition to mono_t but I get an auditallow granted message for unconfined_t. ELF file has a RWE segment, which triggers the denial when the kernel ELF loader tries to mmap it with those protections, IIUC. This happens prior to switching credentials, so it happens in the caller's context rather than the new domain. Build or code problem in mono." ---- Additional Comments From rstrode@redhat.com 2006-02-27 12:33:18 MST ---- Created an attachment (id=169332) Patch from Jakub Jelinek to make SELinux and Mono play together ---- Additional Comments From miguel@ximian.com 2006-02-28 01:02:45 MST ---- Guys, could you review this patch? ---- Additional Comments From lupus@ximian.com 2006-02-28 08:55:15 MST ---- Committed the fix (had to change it to make it actually work on amd64, patch also logged on redhat's bugzilla). Imported an attachment (id=169332) Unknown operating system unknown. Setting to default OS "Other".