Ran into some more issues with SELinux and Oracle. We have some libraries stored in another location that are compiled with -fpic -shared (CFLAGS) and the program linking to it wasn't, and neither are any of the other libraries it links to (provided by Oracle... 10gr2 DB software)
SELinux is set to enforcing, but targeted.
So whats the fix...Well you either set all the libraries to a textrelocatable context ala chcon -t texrel_shlib_t /u01/app/oracle/product/10.2/client/lib/*.so
for 64bit. Then, like I ran into with using an external php as it tries to call oracle libraries, you must set the exec stack... execstack -c /path/to/library.so
Ok, thats one way to do it..
The other is to `setsebool -P allow_execmod=1` to allow execmods across relocatable text...
Thats how I did it...because Oracle can't compile their libraries right, and my DBA was tired of waiting...I'd prefer to not have to do this at all though eh?
Thursday, June 24, 2010
Subscribe to:
Posts (Atom)
