[LAU] Fedora 12 & CCRMA

Rick Green rtg at aapsc.com
Sun May 16 19:15:20 UTC 2010
Previous message: [LAU] Fedora 12 & CCRMA
Next message: [LAU] Fedora 12 & CCRMA
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Sat, 15 May 2010, Fernando Lopez-Lezcano wrote:

> I you want to try Planet CCRMA you should start by following the
> recommendations on how to install it here (maybe you already did?):
>
>  http://ccrma.stanford.edu/planetccrma/software/
>
    I was following 
http://ccrma.stanford.edu/planetccrma/software/installplaneteleven.html, 
which is linked off that page.  I got stuck at the point of 
enabling the CCRMA repository, when it told me that the meta-package 
hadn't been built yet for F12, and I was left to browse the repository for 
packages.  I was also confused by the presence of two separate 
repositories: 'PlanetCCRMA' and 'PlanetCCRMA Core'. ISTR fedora being 
called 'fedora core' in the early days, and this led me off into a tangent 
trying to learn what the difference is, and which I should be using...

> If you start by installing planetccrma-core-* then you should get a
> properly configured rt kernel, misc alsa packages that are not installed
> by default and optimization software (rtirq). Installing the kernel
> alone is not nearly enough.
>
   Looking back thru my command history, I find I have attempted the 
following:

yum upgrade
rpm -Uvh http://ccrma.stanford.edu/planetccrma/mirror/fedora/linux/planetccrma/12/i386/planetccrma-repo-1.1-2.fc12.ccrma.noarch.rpm
yum install planetccrma-apps     /* didn't work */
  yum install ardour
yum install jack ffado   /* jack not found, but ffado was installed */
yum install planetccrma-core
yum install qjackctl

   At this point,I launched qjackctl and attempted to start jack.  It asked 
me to update limits.conf for the audio group, so I did, and added myself 
to the audio group.  I rebooted, and tried it again.  This time, not only 
did jack fail, but qjackctl aborted as well.  ps tells me that jack is 
still there, zombified....

So here is where I stand now:
[root at angel ~]# yum list installed planetccrma* jack* ardour* ffado*
Loaded plugins: presto, refresh-packagekit
Installed Packages
ardour.i686                         2.8.7-1.fc12                  @updates
ffado.i686                          2.0.0-1.fc12.ccrma            @planetccrma
jack-audio-connection-kit.i686      0.118.0-1.fc12                @updates
planetccrma-core.i686               2010.01.21-1.fc12.ccrma       @planetcore
planetccrma-repo.noarch             1.1-2.fc12.ccrma              installed

> Then you should upgrade to the jack package that is part of Planet
> CCRMA. This will set up universal access for the realtime schedule (and
> you don't need touch anything in /etc/security/*).

   OK, I'm running `yum upgrade` which is picking up the newer j-a-c-k as 
well as 12 others, including several qt and xorg packages.

   Now, trying again.  I launch qjackctl.  The messsage window pops up and 
immediately tells me: 'cannot connect to jack server'.  I don't worry too 
much, because I haven't yet tried to start jack.
   So I push the 'start' button, without first even looking at the defaults 
in the 'setup' page.  The message window scrolls by a bunch of messages, 
and I'm able to see that jackdmp v 1.94 is indeed there.  But then it 
locks up, and I get an SElinux popup with two errors.  The first is from 
three days ago, when I was making my first attempts:

Summary:

SELinux is preventing /usr/sbin/abrtd (deleted) "write" access on abrt.

...I don't know how 'abrtd' is related to jack, it may be just 
coincidence.

Then the second one, today:

Summary:

SELinux is preventing /usr/bin/jackd from loading 
/usr/lib/libffado.so.2.0.0
which requires text relocation.

Detailed Description:

The jackd application attempted to load /usr/lib/libffado.so.2.0.0 which
requires text relocation. This is a potential security problem. Most 
libraries
do not need this permission. Libraries are sometimes coded incorrectly and
request this permission. The SELinux Memory Protection Tests
(http://people.redhat.com/drepper/selinux-mem.html) web page explains how 
to
remove this requirement. You can configure SELinux temporarily to allow
/usr/lib/libffado.so.2.0.0 to use relocation as a workaround, until the 
library
is fixed. Please file a bug report.

Allowing Access:

If you trust /usr/lib/libffado.so.2.0.0 to run correctly, you can change 
the
file context to textrel_shlib_t. "chcon -t textrel_shlib_t
'/usr/lib/libffado.so.2.0.0'" You must also change the default file 
context
files on the system in order to preserve them even on a full relabel. 
"semanage
fcontext -a -t textrel_shlib_t '/usr/lib/libffado.so.2.0.0'"

Fix Command:

chcon -t textrel_shlib_t '/usr/lib/libffado.so.2.0.0'

Additional Information:

Source Context 
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1
                               023
Target Context                system_u:object_r:lib_t:s0
Target Objects                /usr/lib/libffado.so.2.0.0 [ file ]
Source                        jackd
Source Path                   /usr/bin/jackd
Port                          <Unknown>
Host                          angel.aapsc.com
Source RPM Packages           jack-audio-connection-kit-1.9.4-1.fc12.ccrma
Target RPM Packages           libffado-2.0.0-1.fc12.ccrma
Policy RPM                    selinux-policy-3.6.32-113.fc12
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Plugin Name                   allow_execmod
Host Name                     angel.aapsc.com
Platform                      Linux angel.aapsc.com
                               2.6.31.12-1.rt20.1.fc12.ccrma.i686.rtPAE #1 
SMP
                               PREEMPT RT Thu Jan 21 22:07:32 EST 2010 i686
                               athlon
Alert Count                   2
First Seen                    Sun 16 May 2010 02:50:02 PM EDT
Last Seen                     Sun 16 May 2010 02:50:02 PM EDT
Local ID                      d2aeb4a1-1065-4d28-87c0-0f573876e08f
Line Numbers

Raw Audit Messages

node=angel.aapsc.com type=AVC msg=audit(1274035802.313:27312): avc: 
denied  { execmod } for  pid=4623 comm="jackd" 
path="/usr/lib/libffado.so.2.0.0" dev=dm-0 ino=7903 
scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 
tcontext=system_u:object_r:lib_t:s0 tclass=file

node=angel.aapsc.com type=SYSCALL msg=audit(1274035802.313:27312): 
arch=40000003 syscall=125 success=no exit=-13 a0=42d92000 a1=176000 a2=5 
a3=bf8e6a00 items=0 ppid=4618 pid=4623 auid=500 uid=500 gid=500 euid=500 
suid=500 fsuid=500 egid=500 sgid=500 fsgid=500 tty=(none) ses=1 
comm="jackd" exe="/usr/bin/jackd" 
subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 key=(null)


...it gives me two commands to use to reconfigure selinux to allow an 
exception for libffado, and I copy and paste them into a root console, but 
that does not unlock jack or qjackctl.  I was able to kill qjackctl, but 
jackd is zombified:

[root at angel ~]# ps aux | grep jack
rtg       2156 99.3  0.0      0     0 ?        Zsl  May14 3186:39 [jackd] 
<defunct>
rtg       4623  0.0  0.9  79948 19284 ?        DL   14:50   0:00 
/usr/bin/jackd -dalsa -dhw:0 -r48000 -p1024 -n2
root      4685  0.0  0.0   4212   712 pts/0    S+   15:09   0:00 grep jack

...so it looks like my only option at this point is to send off this email 
and reboot the system before trying again.

-- 
Rick Green

"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
                                   -Benjamin Franklin

"As for our common defense, we reject as false the choice between our
safety and our ideals."
                                -President Barack Obama 20 Jan 2009
Previous message: [LAU] Fedora 12 & CCRMA
Next message: [LAU] Fedora 12 & CCRMA
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the Linux-audio-user mailing list