Selinux allow_execmem

Hello. In my configuration (redhat6 2.6.32-131.0.15.el6.x86_64, selinux-policy 3.7.19, GPU geforce 580) last linux driver compile with RWX rights on some memory parts. Because of this i have to enable selinux variable allow_execmem to my program worked with this library. But i can’t use this seVariable enabled.

In driver Readme:

Does this mean that driver have to compile libraries according to selinux policy configuration? But if i have allow_execmem(and all other execmem variable) off why compile with such parameters? How can i avoid this?

__GL_SELINUX_BOOLEANS has no effect on the permissions of It only tells the NVIDIA driver whether to behave as if the allow_execmem policy boolean has been enabled or disabled on an SELinux system. As stated in the README, the correct syntax for using this environment variable is to specify a comma-separated list of key/value pairs; e.g.:

__GL_SELINUX_BOOLEANS=“allow_execmem=on” glxgears

The driver does not re-compile libraries based on SELinux policy configuration at runtime. For now, libGL requires some of its components to retain rwx permissions (implying that allow_execmem must be enabled for applications using libGL), and the allow_execmem boolean only influences whether libGL attempts to make anonymous memory allocations via mmap(2).