Hello!
I have this issue, after install Labview 2017. This is start to open than close.
***** Plugin allow_execheap (53.1 confidence) suggests ********************
If you do not think /usr/local/natinst/LabVIEW-2017-64/labview should need to map heap memory that is both writable and executable.
Then you need to report a bug. This is a potentially dangerous access.
Do
contact your security administrator and report this issue.
***** Plugin catchall_boolean (42.6 confidence) suggests ******************
If you want to allow selinuxuser to execheap
Then you must tell SELinux about this by enabling the 'selinuxuser_execheap' boolean.
Do
setsebool -P selinuxuser_execheap 1
***** Plugin catchall (5.76 confidence) suggests **************************
If you believe that labview should be allowed execheap access on processes labeled unconfined_t by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'labview' --raw | audit2allow -M my-labview
# semodule -X 300 -i my-labview.pp
Additional Information:
Source Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Context unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
023
Target Objects Unknown [ process ]
Source labview
Source Path /usr/local/natinst/LabVIEW-2017-64/labview
Port <Unknown>
Host localhost.localdomain
Source RPM Packages labview-2017-exe-17.0.0-1.x86_64
Target RPM Packages
SELinux Policy RPM selinux-policy-targeted-38.1.23-1.el9_3.2.noarch
Local Policy RPM selinux-policy-targeted-38.1.23-1.el9_3.2.noarch
Selinux Enabled True
Policy Type targeted
Enforcing Mode Enforcing
Host Name localhost.localdomain
Platform Linux localhost.localdomain
5.14.0-362.18.1.el9_3.0.1.x86_64 #1 SMP
PREEMPT_DYNAMIC Sun Feb 11 13:49:23 UTC 2024
x86_64 x86_64
Alert Count 12
First Seen 2024-02-24 19:22:22 WET
Last Seen 2024-02-25 10:53:06 WET
Local ID fab491fe-8d02-46a5-8632-737408b9439a
Raw Audit Messages
type=AVC msg=audit(1708858386.157:192): avc: denied { execheap } for pid=4466 comm="labview" scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tclass=process permissive=0
type=SYSCALL msg=audit(1708858386.157:192): arch=x86_64 syscall=mprotect success=no exit=EACCES a0=5714000 a1=5000 a2=7 a3=5717a00 items=0 ppid=2661 pid=4466 auid=1000 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=(none) ses=3 comm=labview exe=/usr/local/natinst/LabVIEW-2017-64/labview subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)
Hash: labview,unconfined_t,unconfined_t,process,execheap