Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
David Kramer wrote: > setroubleshootd.log shows: > [avc.DEBUG] analyze_avc() avc=avc: denied { execmod } for a0=11b000 > a1=2d000 a2=5 a3=bfdc4110 arch=40000003 auid=500 comm="ffmpeg" dev=hda1 > egid=0 euid=0 exe="/usr/bin/ffmpeg" exit=-13 fsgid=0 fsuid=0 gid=0 > items=0 name="libswscale.so.0.5.0" path="/usr/lib/libswscale.so.0.5.0" > pid=5534 scontext=user_u:system_r:unconfined_t:s0 sgid=0 > subj=user_u:system_r:unconfined_t:s0 success=no suid=0 syscall=125 > tclass=file tcontext=system_u:object_r:lib_t:s0 tty=pts2 uid=0 > > Can someone explain to me what that error means, and how I can get > around it? I've never dealt with SELinux, but I recall from BLU talks covering it that there is suppose to be a tool that can take stuff like the log entry above and turn it into an SELinux rule, thus permitting the action to occur. You're still on your own to figure out what's going on and decide whether to permit it to happen. It wouldn't surprise me if someone has written a GUI tool that intercepts these access violations, and presents a more friendly "application X tried to do Y. Add a rule to permit this?" dialog. Something you might not want on a server, but appropriate for a desktop. Kristian Hermansen wrote: > So, you just need to manually allow this library to be > remapped within your ffmpeg process. Check out chcon... So perhaps chcon is the tool? -Tom -- Tom Metro Venture Logic, Newton, MA, USA "Enterprise solutions through open source." Professional Profile: http://tmetro.venturelogic.com/ -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
BLU is a member of BostonUserGroups | |
We also thank MIT for the use of their facilities. |