On Wed, 2005-05-11 at 18:25 +0100, Mike Hearn wrote:
On Wed, 2005-05-11 at 12:56 -0400, Ivan Gyurdiev wrote:
However, they are not marked as such - Daniel, perhaps /usr(/local)?/lib/wine/.*.so -- textrel_shlib_t should be added?
That is a bit hacky. I personally install Wine to /opt/wine and Crossover can go anywhere. I think it'd be better to adjust the Wine build system to label them correctly.
That's not how SELinux works right now - labeling decisions are centralized in the policy. I'm not sure why it's done that way - perhaps it's because the policy sources are also centralized.
(cc-ed Stephen Smalley - maybe he can explain)
If you label wine in the build system, and later I run restorecon, which brings the system permissions in sync with what the file_contexts file says, it will restore the permissions back to what the policy thinks they should be.
On the other hand, if wine doesn't need text relocations, it would be better if it was compiled without them.
I have no idea why they're there, like I said, there's no documentation I could find on what causes the toolchain to produce them. How do you go about getting rid of them? They're compiled with -fPIC already.
Not sure about that - my guesses run out with fPIC...