From: paul@city-fan.org (Paul Howarth) Date: Sun, 20 Mar 2011 22:12:23 +0000 Subject: [refpolicy] text relocations for Altera Quartus II In-Reply-To: <1300546556.3034.17.camel@tesla.lan> References: <1300471770.14419.23.camel@tesla.lan> <201103191044.51855.russell@coker.com.au> <1300546556.3034.17.camel@tesla.lan> Message-ID: <20110320221223.5f5acb00@city-fan.org> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sat, 19 Mar 2011 15:55:56 +0100 Guido Trentalancia wrote: > Hello Russell ! > > On Sat, 19/03/2011 at 10.44 +1100, Russell Coker wrote: > > On Sat, 19 Mar 2011, Guido Trentalancia > > wrote: > > > Up until the beginning of this year the Altera Quartus II > > > (free/web edition) for Linux was requiring text relocations on > > > most of the dynamic libraries shipped with the package (not open > > > source). Many people on the Altera forum were just disabling > > > SELinux and to the best of my knowledge Altera did not provide > > > fixed binaries. > > > > > > If it is of any interest to anybody, I could do some more detailed > > > research and get back with the list of files that would need to > > > be added to system/libraries.fc (provided that the installer has > > > a default location which I cannot remember now). > > > > Why would we want to add support for such non-free software? > > The web edition is free software. It is not open-source. > > In any case, the following should be considered: > - it hasn't got an equivalent (at present there are packages in > libraries.fc that have open-source equivalents, e.g. Acrobat Reader, > Realplayer); > - it is software from a vendor to support its own hardware products, > so it's very specific; > - users are unable to run it and are therefore are disabling SELinux > which is worse; > - it is widely used in universities and distributed for free with RTL > design books; > - I do not care personally as my installation had been fixed locally > long time ago within seconds. > > > That seems likely to get us more uncontrolled growth in .fc entries > > and less benefit than most things that we might do, particularly as > > they have an "installer" rather than using .deb or .rpm. > > Well, if the installer has a default base installation path, then > there won't me much difference... > > > Why not just write a blog post about how the user can run chcon > > after installation and also describe how Altera could fix their > > build environment? > > Done already on the Altera forum. But no reply from Altera. I am not > connected with them in any way, it's just something that I need to > use. For fairness now, I shall mention that a similar products from > Xilinx are also available. I got some similar file contexts for EMC NetWorker (an "enterprise" backup solution) added in Fedora and RHEL just by posting on fedora-selinux-list. That was another vendor that was suggesting to turn off SELinux for the want of a few context fixes (they actually package their software in RPMs so the contexts are set up correctly on install now, which is completely painless :-)). Paul.