Bug 1200996

Summary: dnssec-trigger AVCs
Product: [Fedora] Fedora Reporter: Charles R. Anderson <cra>
Component: selinux-policy-targetedAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED DUPLICATE QA Contact: Ben Levenson <benl>
Severity: high Docs Contact:
Priority: unspecified    
Version: 21CC: dwalsh, pwouters, thozza
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-15 13:18:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1182488    
Attachments:
Description Flags
SELinux AVCs from dnssec-triggerd none

Description Charles R. Anderson 2015-03-11 19:10:23 UTC 
Created attachment 1000619 [details]
SELinux AVCs from dnssec-triggerd

Description of problem:

There are several AVCs when running dnssec-trigger in permissive mode.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.13.1-105.6.fc21.noarch
dnssec-trigger-0.12-18.fc21.x86_64

How reproducible:
always

Steps to Reproduce:
1. setenforce 0
2. systemctl stop dnssec-triggerd
3. systemctl stop unbound
4. systemctl start dnssec-triggerd

Actual results:

See attached AVCs.
Comment 1 Charles R. Anderson 2015-03-11 19:12:52 UTC 
The impact of this bug is that the system ends up with no /etc/resolv.conf and name resolution fails.
Comment 2 Tomáš Hozza 2015-07-15 13:18:51 UTC 

*** This bug has been marked as a duplicate of bug 1210250 ***