Bug 1479767

Summary: SELinux is preventing /usr/sbin/lldpad from sendto access on the unix_dgram_socket [rhel-7.4.z]
Product: Red Hat Enterprise Linux 7 Reporter: Jaroslav Reznik <jreznik>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: high Docs Contact:
Priority: high    
Version: 7.3CC: danken, dholler, igkioka, lvrabec, mgrepl, mmalik, mthacker, plautrba, pvrabec, ssekidde
Target Milestone: rcKeywords: ZStream
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Previously, SELinux did not allow the lldpad daemon to send information to the VDSM service. As a consequence, VDSM lacked information from lldpad. This update allows the virtd_t SELinux domain to send information to the lldpad_t domain via a dgram socket. As a result, VDSM labeled as virtd_t can now communicate with lldpad labeled as lldpad_t.
Story Points: ---
Clone Of: 1472722 Environment:
Last Closed: 2017-09-05 11:26:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Bug Depends On: 1472722    
Bug Blocks: 1484725    

Description Jaroslav Reznik 2017-08-09 11:15:35 UTC
This bug has been copied from bug #1472722 and has been proposed to be backported to 7.4 z-stream (EUS).

Comment 6 errata-xmlrpc 2017-09-05 11:26:11 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2579