Showing results for 
Search instead for 
Did you mean: 

On Red Hat Enterprise Linux 9.2, Zoom persistently generates SELinux warnings


I have been using the most recent version of Zoom, specifically version, on Red Hat Enterprise Linux 9.2. However, upon launching the software, I encounter a persistent issue with SELinux Warnings. Surprisingly, this problem persists on AlmaLinux 9.2 as well, which is also a RHEL-based system. It's important to note that this issue does not manifest on Fedora 37 Workstation. 



SELinux is preventing /app/extra/zoom/zoom.real from execmod access on the file /memfd:JIT>
*****  Plugin catchall_boolean (89.3 confidence) suggests   ******************
If you want to allow selinuxuser to execmod
Then you must tell SELinux about this by enabling the 'selinuxuser_execmod' boolean.
setsebool -P selinuxuser_execmod 1
*****  Plugin catchall (11.6 confidence) suggests   **************************
If you believe that zoom.real should be allowed execmod access on the memfd:JITCode:QtQml >
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do allow this access for now by executing:
# ausearch -c 'zoom.real' --raw | audit2allow -M my-zoomreal
# semodule -X 300 -i my-zoomreal.pp





No matter whether I install Zoom via Flatpak or the RPM package available on the official Zoom website, I consistently encounter the same warning.


After reaching out to Red Hat regarding the SELinux warnings issue on Zoom, they informed me that it is not their responsibility and suggested that I should contact Zoom for further assistance.



You could get around this for now by using the suggested course of action (the catchall), may not be the best options but it beats disabling selinux:

sudo /usr/sbin/setsebool -P selinuxuser_execmod 1

It looks like RHEL 9.x sets this boolean to 0 by deafult. I just checked and RHEL 8.x has this set to 1 by default, so this is likely the reason you/we are seeing the flood of denial messages. If you are still hesitant you could avoid the -P and set the boolean temporarily while running zoom, then set it back to 0 after you're done, or script it into the startup of zoom 🙂