Jens Petersen wrote:
Jon Fairbairn wrote:
Fixed in the HEAD and the 6.4 branch, but I haven't been able to test
(don't have SE Linux on a local machine). Please download a
snapshot and
try it out, if possible.
That does seem to mend it for me. Note that my report says
it only seems to happen x86_64 while in fact the fault /is/
present on x86 in 6.4.1
I don't see it with i386 FC5 with ghc-6.4.2, but I received a report on
it for x86_64 FC5 when selinux is enforcing.
Today I tried ghc-6.4.2.20060619-x86_64-unknown-linux on x86_64 FC6test1
with enforcing selinux however and still get:
ghc: internal error: getMBlock: mmap: Permission denied
from the rts. ("setsebool allow_execmem 1" works around it.)
My fix works around allow_execheap being set to 0, but not
allow_execmem. This page describes how to work around allow_execmem:
http://people.redhat.com/drepper/selinux-mem.html
But I really object to having to go to such lengths just to work around
an overly restrictive security policy. GHC really does do runtime code
generation, so it really does need some writable/executable memory.
Perhaps someone who knows SELinux would like to describe how to set up
an exception for GHC so we can put it in the FAQ? How do things like
Mono work on an SELinux system, do they have a policy exception set up?
Cheers,
Simon
_______________________________________________
Glasgow-haskell-bugs mailing list
Glasgow-haskell-bugs@haskell.org
http://www.haskell.org/mailman/listinfo/glasgow-haskell-bugs
