Bug 665563
Summary: | SELinux policy prevents FreeRADIUS connecting to database | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | ygor.regados |
Component: | selinux-policy-targeted | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED ERRATA | QA Contact: | Ben Levenson <benl> |
Severity: | medium | Docs Contact: | |
Priority: | low | ||
Version: | 14 | CC: | dwalsh |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | selinux-policy-3.9.7-20.fc14 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-01-17 20:52:04 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
ygor.regados
2010-12-24 19:22:40 UTC
ausearch -m avc | grep radiusd type=SYSCALL msg=audit(1293385921.676:42597): arch=c000003e syscall=42 success=no exit=-115 a0=4 a1=2107c40 a2=10 a3=7fff46843950 items=0 ppid=12006 pid=12007 auid=0 uid=0 gid=95 euid=95 suid=0 fsuid=95 egid=95 sgid=95 fsgid=95 tty=pts2 ses=589 comm="radiusd" exe="/usr/sbin/radiusd" subj=unconfined_u:system_r:radiusd_t:s0 key=(null) type=AVC msg=audit(1293385921.676:42597): avc: denied { name_connect } for pid=12007 comm="radiusd" dest=5432 scontext=unconfined_u:system_r:radiusd_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1293386309.939:42621): arch=c000003e syscall=42 success=no exit=-115 a0=4 a1=2997db0 a2=10 a3=7fff1ac39c70 items=0 ppid=12126 pid=12127 auid=0 uid=0 gid=95 euid=95 suid=0 fsuid=95 egid=95 sgid=95 fsgid=95 tty=pts0 ses=585 comm="radiusd" exe="/usr/sbin/radiusd" subj=unconfined_u:system_r:radiusd_t:s0 key=(null) type=AVC msg=audit(1293386309.939:42621): avc: denied { name_connect } for pid=12127 comm="radiusd" dest=5432 scontext=unconfined_u:system_r:radiusd_t:s0 tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket Miroslav add corenet_tcp_connect_postgresql_port(radiusd_t) Fixed in selinux-policy-3.9.7-20.fc14 selinux-policy-3.9.7-20.fc14 has been submitted as an update for Fedora 14. https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-20.fc14 selinux-policy-3.9.7-20.fc14 has been pushed to the Fedora 14 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update selinux-policy'. You can provide feedback for this update here: https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-20.fc14 selinux-policy-3.9.7-20.fc14 has been pushed to the Fedora 14 stable repository. If problems still persist, please make note of it in this bug report. |