Bug 1274666
Summary: | SELinux is preventing iptables from using the 'noatsecure' accesses on a process. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Adam Nicholson <adam> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 22 | CC: | adam, dominick.grift, dwalsh, lvrabec, mgrepl, plautrba |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Unspecified | ||
Whiteboard: | abrt_hash:f43ebcf56d1bff6ffade831532361477c8549f5aea0c2bb91455da4cdb744648;VARIANT_ID=workstation; | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-11-20 13:42:10 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Adam Nicholson
2015-10-23 10:18:38 UTC
Did you disable dontaudit rules? audit2allow -i /tmp/t #============= firewalld_t ============== #!!!! This avc has a dontaudit rule in the current policy allow firewalld_t iptables_t:process noatsecure; I did, but I was thinking it should have been enabled by default if it was a legitimate process considering iptables is a core part of the distribution. (In reply to Adam Nicholson from comment #2) > I did, but I was thinking it should have been enabled by default if it was a > legitimate process considering iptables is a core part of the distribution. Not sure if I understand correctly. Do you want to see it by default? |