Multifunction DAQ

cancel
Showing results for 
Search instead for 
Did you mean: 

NIDAQmx on Fedora Core 5 How-To

Actually, SELinux problems in Fedora Core 6 can be easily fixed without turning it of. I'm not running NIDAQmx myself but there are SELinux issues when running for example gpibexplorer from the "NI-488.2 Version 2.5 for Linux"-package.

For the gpibexplorer case, the problem is related to the so called security context of the following files:

/usr/local/lib/linux/libOSMesa.so.4
/usr/local/lib/LabVIEW-8.0/liblvrt.so.8.0.1

To fix this in Fedora Core 6 (and probably in FC5 as well) run the following (as root):

# semanage fcontext -a -t textrel_shlib_t /usr/local/lib/linux/libOSMesa.so.4
# semanage fcontext -a -t textrel_shlib_t /usr/local/lib/LabVIEW-8.0/liblvrt.so.8.0.1
# restorecon /usr/local/lib/linux/libOSMesa.so.4 /usr/local/lib/LabVIEW-8.0/liblvrt.so.8.0.1

the two first rows adds the desired security context in the system and the last row re-labels the files. These actions are persistent and will survive both reboots and later system upgrades.

If you for any reason want to undo the above, run the following (as root):

# semanage fcontext -d -t textrel_shlib_t /usr/local/lib/linux/libOSMesa.so.4
# semanage fcontext -d -t textrel_shlib_t /usr/local/lib/LabVIEW-8.0/liblvrt.so.8.0.1
# restorecon /usr/local/lib/linux/libOSMesa.so.4 /usr/local/lib/LabVIEW-8.0/liblvrt.so.8.0.1

(observe the -d for delete).

The basic problem is ofcourse with the two libs. They want to execute code on the stack or on the heap (I don't remember which right now). This is considered bad practice nowdays and should be avoided (potential buffer overflow security hole). In Fedora Core 6 the ability to execute code in this way is prohibited by SELinux, but can be selectivly enabled on a per file basis as described above.

Perhaps something for the NI developers to address in future releases?
0 Kudos
Message 31 of 31
(1,354 Views)