[Mesa-dev] [Bug 80185] Please do not hardcode SELinux identifiers in the code

bugzilla-daemon at freedesktop.org bugzilla-daemon at freedesktop.org
Wed Jun 18 05:32:05 PDT 2014


--- Comment #3 from rhatdan <dwalsh at redhat.com> ---
In Fedora the allow_exemem boolean is not set, and this boolean would only
effect user space.

getsebool -a | grep execmem
boinc_execmem --> on
cluster_use_execmem --> off
cups_execmem --> off
deny_execmem --> off
httpd_execmem --> off
virt_use_execmem --> off
xserver_execmem --> off

Currently we add booleans for confined services if we see them as necessary.

It would be better if your code just checked if you got EPERM or EACCESS  for
errno, and then if you want check if SELInux is enabled and continue with no
error.  Especially since you code works fine without WRITEABLE/EXECUTABLE

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/mesa-dev/attachments/20140618/c3d3a9a0/attachment.html>

More information about the mesa-dev mailing list