Bug 212821
Summary: | hpiod: unable to bind socket 2208: Permission denied | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Jurandy Junior <jurandy_junior> |
Component: | hplip | Assignee: | Tim Waugh <twaugh> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 6 | CC: | subscribed-lists |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | 1.6.10-1.fc6.4 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2006-11-02 10:11:28 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 207681 |
Description
Jurandy Junior
2006-10-29 11:49:59 UTC
Please try this test update: https://www.redhat.com/archives/fedora-test-list/2006-October/msg01025.html You should be able to do this using: yum --enablerepo=updates-testing update hpijs hplip libsane-hpaio Hi, I'll try the test update. More information about the error: [root@weise jurandy]# cat /var/log/messages | grep hpiod Oct 30 05:48:38 weise kernel: audit(1162198118.233:71): avc: denied { name_bind } for pid=1970 comm="hpiod" src=2208 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket Oct 30 05:48:38 weise kernel: audit(1162198118.233:71): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bfdc58d0 a2=8725170 a3=bfdc597c items=0 ppid=1969 pid=1970 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hpiod" exe="/usr/sbin/hpiod" subj=system_u:system_r:hplip_t:s0 key=(null) Oct 30 05:48:38 weise hpiod: unable to bind socket 2208: Permission denied Oct 30 20:53:17 weise hpiod: unable to bind socket 2208: Permission denied Oct 30 20:53:20 weise kernel: audit(1162252397.987:72): avc: denied { name_bind } for pid=1983 comm="hpiod" src=2208 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket Oct 30 20:53:20 weise kernel: audit(1162252397.987:72): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bfda6310 a2=94aa170 a3=bfda63bc items=0 ppid=1982 pid=1983 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hpiod" exe="/usr/sbin/hpiod" subj=system_u:system_r:hplip_t:s0 key=(null) Oct 30 21:37:11 weise hpiod: unable to bind socket 2208: Permission denied Oct 30 21:37:11 weise kernel: audit(1162255031.921:72): avc: denied { name_bind } for pid=2035 comm="hpiod" src=2208 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket Oct 30 21:37:11 weise kernel: audit(1162255031.921:72): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bff6d820 a2=90c8170 a3=bff6d8cc items=0 ppid=2034 pid=2035 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hpiod" exe="/usr/sbin/hpiod" subj=system_u:system_r:hplip_t:s0 key=(null) Oct 30 23:41:05 weise hpiod: unable to bind socket 2208: Permission denied Oct 30 23:41:08 weise kernel: audit(1162262465.902:72): avc: denied { name_bind } for pid=2025 comm="hpiod" src=2208 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket Oct 30 23:41:08 weise kernel: audit(1162262465.902:72): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bf9adbd0 a2=9525170 a3=bf9adc7c items=0 ppid=2024 pid=2025 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hpiod" exe="/usr/sbin/hpiod" subj=system_u:system_r:hplip_t:s0 key=(null) Oct 30 23:57:33 weise kernel: audit(1162263453.407:68): avc: denied { name_bind } for pid=1988 comm="hpiod" src=2208 scontext=system_u:system_r:hplip_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket Oct 30 23:57:33 weise kernel: audit(1162263453.407:68): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bf8cd280 a2=8718170 a3=bf8cd32c items=0 ppid=1987 pid=1988 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="hpiod" exe="/usr/sbin/hpiod" subj=system_u:system_r:hplip_t:s0 key=(null) Oct 30 23:57:33 weise hpiod: unable to bind socket 2208: Permission denied More information about how reproducible: I upgraded (not reinstall) FC5 to FC6. I updated kernel.586 (bug:anaconda) to kernel.686. Kernel Version: [root@weise ~]# uname -r 2.6.18-1.2798.fc6 I have selinux installed and running in enforcing mode. [root@weise ~]# rpm -qa | grep selinux selinux-policy-2.4.1-3.fc6 libselinux-devel-1.30.29-2 libselinux-1.30.29-2 libselinux-python-1.30.29-2 I believe this could be a selinux problem. Thanks for your attention. Regards, Jurandy Junior What's in /etc/sysconfig/selinux? The selinux policy should be allowing name_bind for TCP port 2208. From looking at the policy source code, it *does*. The FC6 machines I have here also allow this. So this is a bit of a mystery to me. [root@weise jurandy]# cat /etc/sysconfig/selinux # This file controls the state of SELinux on the system. # SELINUX= can take one of these three values: # enforcing - SELinux security policy is enforced. # permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled. SELINUX=enforcing # SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection. SELINUXTYPE=targeted # SETLOCALDEFS= Check local definition changes SETLOCALDEFS=0 Same as my config. What does 'rpm -V hplip' say? Nothing. [root@weise ~]# rpm -V hplip [root@weise ~]# You are not updated to the latest policy. A new policy package was just released to testing. selinux-policy-2.4.2-3.fc6. Please update to this version and make sure the update is successful. I'm having the same problem on a clean install of FC6 with SELINUX disabled. The test version seeems to have fixed the problem. Errata pushed: hplip-1.6.10-1.fc6.4 |