|
|
fedora10。。。。。
都一个星期了。我快要崩溃了。。。。VM也装不上,,,VBOX更装上。。。。。上苍啊。我在百度在GOOGLE搜的一星期,连外文都翻译着看。。。。还是找不到解决方法~~~~
以下是我的终端内容:
使用和所有的版本
[root@FC10 applications]# uname -r2.6.27.9-159.fc10.i686
[root@FC10 applications]# rpm -q kernel-devel
kernel-devel-2.6.27.5-117.fc10.i686
kernel-devel-2.6.27.9-159.fc10.i686
kernel-devel-2.6.29-0.9.rc0.git4.fc11.i686
安装时报错
[root@FC10 brook]# rpm -ivh VirtualBox-2.1.0_41146_fedora9-1.i386.rpm
error: open of VirtualBox-2.1.0_41146_fedora9-1.i386.rpm failed: 没有那个文件或目录
[root@FC10 brook]# cd /home/brook/下载
[root@FC10 下载]# rpm -ivh VirtualBox-2.1.0_41146_fedora9-1.i386.rpm
Preparing... ########################################### [100%]
1:VirtualBox ########################################### [100%]
Creating group 'vboxusers'. VM users must be member of that group!
No precompiled module for this kernel found -- trying to build one. Messages
emitted during module compilation will be logged to /var/log/vbox-install.log.
Success!
运行时报错:
[root@FC10 applications]# VirtualBox
VirtualBox: supR3HardenedMainGetTrustedMain: dlopen("/usr/lib/virtualbox/VirtualBox.so",) failed: /usr/lib/virtualbox/VirtualBox.so: cannot open shared object file: Permission denied
[root@FC10 applications]#
能成功编译:
[root@FC10 brook]# service vboxdrv setup
Stopping VirtualBox kernel module [确定]
Removing old VirtualBox netflt kernel module [确定]
Removing old VirtualBox kernel module [确定]
Recompiling VirtualBox kernel module [确定]
Starting VirtualBox kernel module [确定]
ROOT安装
权限也有了
故障排除工具的 信息:
概述:
SELinux is preventing totem from loading /usr/lib/sse2/libpostproc.so.51.2.0
which requires text relocation.
详细描述:
The totem application attempted to load /usr/lib/sse2/libpostproc.so.51.2.0
which requires text relocation. This is a potential security problem. Most
libraries do not need this permission. Libraries are sometimes coded incorrectly
and request this permission. The SELinux Memory Protection Tests
(http://people.redhat.com/drepper/selinux-mem.html) web page explains how to
remove this requirement. You can configure SELinux temporarily to allow
/usr/lib/sse2/libpostproc.so.51.2.0 to use relocation as a workaround, until the
library is fixed. Please file a bug report
(http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package.
允许访问:
If you trust /usr/lib/sse2/libpostproc.so.51.2.0 to run correctly, you can
change the file context to textrel_shlib_t. "chcon -t textrel_shlib_t
'/usr/lib/sse2/libpostproc.so.51.2.0'" You must also change the default file
context files on the system in order to preserve them even on a full relabel.
"semanage fcontext -a -t textrel_shlib_t '/usr/lib/sse2/libpostproc.so.51.2.0'"
Fix 命令:
chcon -t textrel_shlib_t '/usr/lib/sse2/libpostproc.so.51.2.0'
附加信息:
源上下文 unconfined_u:unconfined_r:unconfined_t:s0
目标上下文 system_u bject_r:lib_t:s0
目标对象 /usr/lib/sse2/libpostproc.so.51.2.0 [ file ]
源 totem
源路径 /usr/bin/totem
端口 <未知>
主机 FC10
源 RPM 软件包 totem-2.24.3-1.fc10
目标 RPM 软件包 ffmpeg-libs-0.4.9-0.52.20080908.fc10
策略 RPM selinux-policy-3.5.13-18.fc10
启用 Selinux True
策略类型 targeted
启用 MLS True
Enforcing 模式 Enforcing
插件名称 allow_execmod
主机名 FC10
平台 Linux FC10 2.6.27.9-159.fc10.i686 #1 SMP Tue Dec
16 15:12:04 EST 2008 i686 i686
警报计数 187
第一个 2009年01月02日 星期五 09时50分45秒
最后一个 2009年01月05日 星期一 17时36分31秒
本地 ID eb48c9d9-b522-4c6a-a54e-46f370fb2e53
行号
原始核查信息
node=FC10 type=AVC msg=audit(1231176991.396:75): avc: denied { execmod } for pid=5513 comm="totem" path="/usr/lib/sse2/libpostproc.so.51.2.0" dev=dm-0 ino=884772 scontext=unconfined_u:unconfined_r:unconfined_t:s0 tcontext=system_ubject_r:lib_t:s0 tclass=file
node=FC10 type=SYSCALL msg=audit(1231176991.396:75): arch=40000003 syscall=125 success=no exit=-13 a0=6dff000 a1=9000 a2=5 a3=bfbec250 items=0 ppid=5512 pid=5513 auid=500 uid=500 gid=500 euid=500 suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 comm="totem" exe="/usr/bin/totem" subj=unconfined_u:unconfined_r:unconfined_t:s0 key=(null) |
|
IP卡
狗仔卡
发表于 2009-1-5 20:52:18
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡