[Wine] Cannot run Wine under Fedora 6 test 1 - partial workaround found

[David D. Hagood]

I've played around a bit more using a very simple Windows program called 
"Casio" ( the programmer for my Casio PC Unite watch, which I know works 
quite well under Wine under older setups), and have found the following 
information:

* The "wine_main_preload_info not found" message is coming from the 
wine-preloader - the "wine" executable lacks the data structure that 
wine-preloader is looking for, but wine-pthread and wine-kthread have this.
* wine-kthread won't run.
* wine-pthread will.
* For whatever reason, I cannot run a Windows program with "wine", but I 
can run it with "wine-pthread":
 >[wowbaggr at surfer bin]$ wine ./casio
 >wine_main_preload_info not found
 >wine_main_preload_info not found
 >wine: could not load L"Z:\\bin\\casio.": Invalid address
 >[wowbaggr at surfer bin]$ wine-pthread ./casio
 >libGL warning: 3D driver claims to not support visual 0x4c
 >wine_main_preload_info not found
 >err:dosmem:setup_dos_mem Cannot use first megabyte for DOS address 
space, please report
 >libGL warning: 3D driver claims to not support visual 0x4c
(and the program runs)
* Side note: If I just type "wine casio" (casio being in the current 
directory) then Wine cannot find it - wine does not look in the current 
working directory.
* If I have "wine-pthread" set as the binfmt interpreter for Windows PE 
files:
 >cat /proc/sys/fs/binfmt_misc/DOSWin
 >enabled
 >interpreter /usr/bin/wine/wine-pthread
 >flags:
 >offset 0
 >magic 4d5a
  Then I *cannot* run the casio program directly - I get an AVC error
 >Jul 30 19:01:42 surfer kernel: audit(1154304102.342:1745): avc: 
denied  { execmem } for  pid=13475 comm="casio" 
scontext=user_u:system_r:unconfined_t:s0 
tcontext=user_u:system_r:unconfined_t:s0 tclass=process
* If I set the security contect for the binary "casio" the same as 
"wine" then it runs:
 >[wowbaggr at surfer bin]$ ls -lZ casio
 >-rwxr-xr-x  wowbaggr wowbaggr system_u:object_r:wine_exec_t    casio

This leads me to the conclusion that ideally, when run as the 
interpreter for a PE executable via binfmt_misc, Wine needs to set the 
process security context appropriately to allow for programs to run.

I've not looked into whether it is possible for a running process to 
change its security context in this manner - if not, then at the very 
least when Wine creates an EXE on behalf of an installer, in addition to 
setting the execute permissions bit, it needs to set the security 
context as well, or at least force a relabel of the file.

(Note: In all of the above, if an AVC denial occurred, or indeed any 
other interesting event logged to syslog occurred, I mentioned it.)