Red Hat Bugzilla – Bug 1005589
SELinux is preventing iptables (iptables_t) "read" to inotify (inotifyfs_t)
Last modified: 2014-09-15 20:29:50 EDT
Created attachment 795418
Contents of sealert
Description of problem:
The message SELinux is preventing iptables (iptables_t) "read" to inotify (inotifyfs_t) is found frequently/daily in /var/log/messages.
Version-Release number of selected component (if applicable):
# rpm -qa | grep selinux
# rpm -qa | grep iptables
Every day, frequently and irregularly during the day.
Steps to Reproduce:
1. Boot server
Frequent log messages about security blocked access to inotifyfs by iptables
To allow iptables to access inotifyfs for security purposes
At this time I have added a local policy to allow iptables access to read inotifyfs. The log entries in /var/log/messages are now gone, thus far.
This request was evaluated by Red Hat Product Management for inclusion
in a Red Hat Enterprise Linux release. Product Management has
requested further review of this request by Red Hat Engineering, for
potential inclusion in a Red Hat Enterprise Linux release for currently
deployed products. This request is not yet committed for inclusion in
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.