On Thu, 8 Nov 2007, Jay Leafey wrote:
> I downloaded the RPMs from the Oracle web site (otn.oracle.com) and
> successfully installed them on my C5 box, but the sqlplus client
> software would not run properly. After a few iterations with
> sealert, I finally got a handle on what was happening.
>
> It turns out that most of the shared libraries Oracle installs need
> to have their SElinux file context modified to allow relocation.
> Here's the quick-and-dirty routine I use to repair this:
>
> find /usr/lib/oracle/11.1.0.1/client/lib -type f -name \*.so\* \
> -exec chcon -t textrel_shlib_t {} \;
>
> Obviously you could get around this by disabling SElinux, but I
> really want to avoid that if possible.
>
> Now a quick question: does anybody know if there is any way to
> configure SElinux so that the context for these files won't be
> "fixed" by a restorecon operation on this directory?
It'd be something to the effect of
semanage fcontext -a -t textrel_shlib_t \
"/usr/lib/oracle/11.1.0.1/client/lib/.*\.so.*"
or, less version-specific,
semanage fcontext -a -t textrel_shlib_t \
"/usr/lib/oracle/[0-9.]*/client/lib/.*\.so.*"
--
Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/