Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 232081 Details for
Bug 339181
SELinux problems when starting vpnc
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
a lot of confused information I got from my computer
named-selinux-report.txt (text/plain), 7.92 KB, created by
Matěj Cepl
on 2007-10-19 04:21:45 UTC
(
hide
)
Description:
a lot of confused information I got from my computer
Filename:
MIME Type:
Creator:
Matěj Cepl
Created:
2007-10-19 04:21:45 UTC
Size:
7.92 KB
patch
obsolete
>[root@viklef matej]# rpm -qa \*bind\* \*vpnc\* \*selinux\* >selinux-policy-targeted-3.0.8-24.fc8 >libselinux-devel-2.0.37-1.fc8 >bind-libs-9.5.0-15.a6.fc8 >selinux-policy-3.0.8-24.fc8 >vpnc-0.5.1-1.fc8 >rpcbind-0.1.4-11.fc8 >libselinux-python-2.0.37-1.fc8 >bind-9.5.0-15.a6.fc8 >libselinux-2.0.37-1.fc8 >bind-utils-9.5.0-15.a6.fc8 >ypbind-1.20.4-2.fc8 >NetworkManager-vpnc-0.7.0-0.3.svn2970.fc8 >[root@viklef ~]# grep -E '(bind|named|vpnc)' /var/log/messages |tail >Oct 19 05:40:05 viklef named[2609]: zone 255.in-addr.arpa/IN: loaded serial 42 >Oct 19 05:40:05 viklef named[2609]: zone 0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.ip6.arpa/IN: loaded serial 1997022700 >Oct 19 05:40:05 viklef named[2609]: zone localdomain/IN: loaded serial 42 >Oct 19 05:40:05 viklef named[2609]: zone localhost/IN: loaded serial 42 >Oct 19 05:40:05 viklef kernel: named[2611]: segfault at 00000023 eip 0044d27f esp b74b4240 error 6 >Oct 19 05:42:50 viklef NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' exec scheduled... >Oct 19 05:42:50 viklef NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' executed (org.freedesktop.NetworkManager.vpnc), PID 3432 >Oct 19 05:42:51 viklef NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' just appeared, activating connections >Oct 19 05:42:51 viklef NetworkManager: <info> VPN service 'org.freedesktop.NetworkManager.vpnc' just appeared, activating connections >Oct 19 05:42:56 viklef setroubleshoot: #012 SELinux is preventing vpnc (vpnc_t) "name_bind" to <Unknown> (ipsecnat_port_t).#012 For complete SELinux messages. run sealert -l 87005ddf-ac40-4b10-8f98-27c5e2c6bb7d >[root@viklef ~]# >[root@viklef ~]# grep name_bind /var/log/audit/audit.log >type=AVC msg=audit(1191914506.915:12): avc: denied { name_bind } for pid=2416 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1191919761.693:13): avc: denied { name_bind } for pid=2417 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1191954152.215:14): avc: denied { name_bind } for pid=2445 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1191957468.794:13): avc: denied { name_bind } for pid=2416 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192021803.845:12): avc: denied { name_bind } for pid=2499 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192023998.771:13): avc: denied { name_bind } for pid=2422 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192045456.737:12): avc: denied { name_bind } for pid=2421 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192120593.504:12): avc: denied { name_bind } for pid=2446 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192145767.431:13): avc: denied { name_bind } for pid=2438 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192168654.827:13): avc: denied { name_bind } for pid=2414 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192189184.272:12): avc: denied { name_bind } for pid=2419 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192260966.336:12): avc: denied { name_bind } for pid=2452 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192281900.261:11): avc: denied { name_bind } for pid=2414 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192353579.881:13): avc: denied { name_bind } for pid=2413 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192366780.505:11): avc: denied { name_bind } for pid=2407 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192393938.649:12): avc: denied { name_bind } for pid=2399 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192431657.169:14): avc: denied { name_bind } for pid=2399 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192483739.748:11): avc: denied { name_bind } for pid=2388 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192513502.123:10): avc: denied { name_bind } for pid=2426 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192569229.825:9): avc: denied { name_bind } for pid=2386 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192606517.620:9): avc: denied { name_bind } for pid=2433 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192618105.614:10): avc: denied { name_bind } for pid=2387 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192649502.080:9): avc: denied { name_bind } for pid=2329 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192705523.859:9): avc: denied { name_bind } for pid=2319 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192763214.355:11): avc: denied { name_bind } for pid=2267 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192763363.487:28): avc: denied { name_bind } for pid=3435 comm="vpnc" src=4500 scontext=system_u:system_r:vpnc_t:s0 tcontext=system_u:object_r:ipsecnat_port_t:s0 tclass=udp_socket >type=AVC msg=audit(1192765198.510:9): avc: denied { name_bind } for pid=2264 comm="xinetd" src=6667 scontext=system_u:system_r:inetd_t:s0 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket >type=AVC msg=audit(1192765374.694:46): avc: denied { name_bind } for pid=3449 comm="vpnc" src=4500 scontext=system_u:system_r:vpnc_t:s0 tcontext=system_u:object_r:ipsecnat_port_t:s0 tclass=udp_socket >[root@viklef ~]# grep name_bind /var/log/audit/audit.log |audit_allow >[root@viklef ~]# grep name_bind /var/log/audit/audit.log |audit_allow >-bash: audit_allow: command not found >[root@viklef ~]# grep name_bind /var/log/audit/audit.log |audit2allow > > >#============= inetd_t ============== >allow inetd_t ircd_port_t:tcp_socket name_bind; > >#============= vpnc_t ============== >allow vpnc_t ipsecnat_port_t:udp_socket name_bind; >[root@viklef ~]# grep name_bind /var/log/audit/audit.log |audit2allow -Mmyvpncnamebind >******************** IMPORTANT *********************** >To make this policy package active, execute: > >semodule -i myvpncnamebind.pp > >[root@viklef ~]# semodule -i myvpncnamebind.pp >[root@viklef ~]#
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=232081">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 339181
: 232081