Ahojte, keď spustím cez wine program pokerstars ta mi vypíše SElinux následovné:
SELinux is preventing wine-preloader from mmap_zero access on the memprotect .
***** Plugin mmap_zero (53.1 confidence) suggests **************************
If you do not think wine-preloader should need to mmap low memory in the kernel.
Then you may be under attack by a hacker, this is a very dangerous access.
Do
contact your security administrator and report this issue.
***** Plugin catchall_boolean (42.6 confidence) suggests *******************
If you want to mmap_low_allowed
Then you must tell SELinux about this by enabling the ‘mmap_low_allowed’ boolean.You can read ‘wine_selinux’ man page for more details.
Do
setsebool -P mmap_low_allowed 1
***** Plugin catchall (5.76 confidence) suggests ***************************
If you believe that wine-preloader should be allowed mmap_zero access on the memprotect by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
grep wine-preloader /var/log/audit/audit.log | audit2allow -M mypol
semodule -i mypol.pp
Additional Information:
Source Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Context unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023
Target Objects [ memprotect ]
Source wine-preloader
Source Path wine-preloader
Port <Neznáme>
Host amd-pc
Source RPM Packages
Target RPM Packages
Policy RPM selinux-policy-3.10.0-128.fc17.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name amd-pc
Platform Linux amd-pc 3.4.0-1.fc17.x86_64 #1 SMP Sun Jun 3
06:35:17 UTC 2012 x86_64 x86_64
Alert Count 7
First Seen St 13. jún 2012, 15:22:48 CEST
Last Seen St 13. jún 2012, 15:23:11 CEST
Local ID a4457ab7-a2e2-47e4-9ab0-cd82957e473f
Raw Audit Messages
type=AVC msg=audit(1339593791.953:155): avc: denied { mmap_zero } for pid=15152 comm=“wine-preloader” scontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:wine_t:s0-s0:c0.c1023 tclass=memprotect
Hash: wine-preloader,wine_t,wine_t,memprotect,mmap_zero
audit2allowunable to open /sys/fs/selinux/policy: Permission denied
audit2allow -Runable to open /sys/fs/selinux/policy: Permission denied
Chel by som Vás poprosiť o radu, či to mám odignorovať alebo čo s tým mám spraviť.
Díky