Wednesday 5th April 2006
curl and SELinux
The log messages generated by every invocation of curl are beginning to irritate me:
Apr 5 12:20:11 goalkeeper kernel: audit(1144236011.710:2884): avc: granted { execstack } for pid=30759 comm="curl" scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=process Apr 5 12:20:11 goalkeeper kernel: audit(1144236011.710:2885): avc: granted { execmem } for pid=30759 comm="curl" scontext=user_u:system_r:unconfined_t:s0 tcontext=user_u:system_r:unconfined_t:s0 tclass=process
I've raised Bug #188006 accordingly.
Update: It was entirely my own fault; my local libidn package (built on Red Hat Linux 9) was the culprit as it didn't define a separate stack segment. I shall have to build an FC5-specific version of this package in future