Komodo and SELinux
Recently we had been noticing some reports of Komodo startup failing on some modern Linux boxes. See bug 43260. It was tracked down to SELinux on the particular machine disallowing text-segment relocation in a specific shared object in Komodo.
The problem became more acute with the recent releases because Fedora Core 4 now comes with SELinux installed, enabled and enforcing (in certain areas of the file system) by default.
(Gory details: Basically there is a micro chance for a security hole during text-segment relocation when loading a shared object that was not compiled with position-independent code -- i.e. without "-fPIC" with gcc. I need to find the reference -- deep in a PDF a co-worker found -- that described those details again.)
So either you need to build all your .so's -fPIC or you need to set SELinux attributes appropriately (a.k.a. set the "security context") on certain files post-install. Komodo 3.5.x did a bit of both. First we made the changes that we could to get all .so's building -fPIC. However, we still have one that could not be, so we need to set its security context on install. One does this "chcon" (change context).
chcon -t security-context-name path/to/file.so
Easy peasy. Except one thing. What is that "security-context-name"? On FC4 it is "texrel_shlib_t". (This is what Komodo's Linux installer attempts to do on that one file, "libnpscimoz.so", if SELinux is detected.) On CentOS (a clone of RHEL) it is apparently something else because:
chcon: failed to change context of /home/msoulier/komodo/lib/mozilla/plugins/libnpscimoz.so to user_u:object_r:texrel_shlib_t: Invalid argument
On other Linux distros: who knows? I am not currently aware of a way to programmatically figure out what the built-in and user-defined set of valid security context names is for a given SELinux install. Any pointers anyone could provide would be appreciated.
2 commentsKomodo 3.5.2 is out
I am pleased to announce the release of Komodo 3.5.2 for Linux, Mac OS X, and Windows. This is a bug fix release for the Komodo 3.5.x stream. The important fixes include:
- [Windows] Fix AltGr+<number> keybindings for international keyboard layouts on Windows (bug 43021)
- [Windows] Fix XSLT autocomplete (bug 41898).
- Perl syntax checking default setting change to not use taint mode.
- [Windows] Fix setting of Windows File associations (bug 42107).
- [Linux] Fix SELinux issues that would prevent Komodo from starting on Linux machines with SELinux kernel extensions installed and enforcing -- the default on Fedora Core 4 (bug 43260).
See the Revision History for more details.
Download Komodo and find more information here.
0 commentsKomodo 3.5.1: ruby debugging error
Bug 43011. Most users shouldn't hit this, but if you get an error something like this while debugging Ruby in Komodo:
c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:18:in `require__': No such file to load -- no such mod (LoadError)
from c:/ruby/lib/ruby/site_ruby/1.8/rubygems/custom_require.rb:18:in `re quire'
from -:1
then (until Komodo 3.5.2 comes out) you may need to applied the workaround described in that bug.
Komodo's Ruby debugger includes a binary Ruby extension for speeding up some parts of the debugging process. (This was very important for making Rails debugging, for example, performant.) Komodo *also* includes a pure Ruby fallback implementation when the binary extension doesn't work -- for example if a new version of Ruby comes out or for platform compat issues, at least debugging should still work.
The problem was that some of those fallback files got installed to the wrong dir. Oops. That will be fixed in subsequent builds.
0 commentsKomodo 3.5.1 nits (with workarounds)
We released Komodo 3.5.1 yesterday. A few issues have come up since then that may be annoying for some Komodo users. Until we can get a new release out fixing these issues, here is what they are and how to work around them (if you happen to hit one):
- XSLT Autocomplete is busted on Windows. Bug 41898.
The workaround is Find and edit "koXMLStateMachineReader.py" in your Komodo installation (<install-dir>/lib/mozilla/python/komodo/). Change the "print" statement on line 211 (i.e. in the handle__unknown() method) to a "pass" statement. I.e.:...
def handle__unknown(self, node, *args):
pass
... - Perl syntax checking might give syntax errors on "use" statements not being able to find a module in the same directory as a script that you are editing. I wrote a tale of 3 (or 4?) Dave's describing the background, but the main issue is that Komodo by default syntax checks your Perl code with Perl taint mode even though you probably don't run your code with taint mode.
The workaround, if you hit this, is simply to change the default Perl syntax checking mode to not use taint mode (i.e. "-cw" instead of "-cwT"). This will be the new default in future Komodo versions. - On Windows Tablet PCs (Do you think Scoble scripts?), opening the find/replace dialog would not put keyboard focus into the find pattern textbox. Bug 42441.
The workaround is to apply this patch to "<installdir>/lib/mozilla/chrome/jaguar/content/find/find.js":@@ -278,6 +278,7 @@
getService(Components.interfaces.koIFindService);
_Initialize();
window.focus();
+ widgets.panel.pattern.focus(); // Bug 42441
} catch (ex) {
log.exception(ex);
} - Changing Windows file associations in the "Windows Integration" preferences panel would fail with "[Errno 9] Bad file descriptor". Bug 42957.
The workaround is to apply this patch (attached to the bug report) to "koInitService.py" in your Komodo installation.
I'll try to post workarounds for any more issues that we find before we are able to put up a new release. Thanks to all of you that posted bug reports.
0 comments
Posts
