1200996 – dnssec-trigger AVCs

Bug 1200996 - dnssec-trigger AVCs

Summary: dnssec-trigger AVCs

Keywords:
Status:	CLOSED DUPLICATE of bug 1210250
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy-targeted
Sub Component:
Version:	21
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Assignee:	Lukas Vrabec
QA Contact:	Ben Levenson
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	Default_Local_DNS_Resolver
TreeView+	depends on / blocked

Reported:	2015-03-11 19:10 UTC by Charles R. Anderson
Modified:	2015-07-15 13:18 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-07-15 13:18:51 UTC
Type:	Bug
Dependent Products:

Attachments	(Terms of Use)
SELinux AVCs from dnssec-triggerd (9.17 KB, text/plain) 2015-03-11 19:10 UTC, Charles R. Anderson	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Charles R. Anderson 2015-03-11 19:10:23 UTC

Created attachment 1000619 [details]
SELinux AVCs from dnssec-triggerd

Description of problem:

There are several AVCs when running dnssec-trigger in permissive mode.

Version-Release number of selected component (if applicable):
selinux-policy-targeted-3.13.1-105.6.fc21.noarch
dnssec-trigger-0.12-18.fc21.x86_64

How reproducible:
always

Steps to Reproduce:
1. setenforce 0
2. systemctl stop dnssec-triggerd
3. systemctl stop unbound
4. systemctl start dnssec-triggerd

Actual results:

See attached AVCs.

Comment 1 Charles R. Anderson 2015-03-11 19:12:52 UTC

The impact of this bug is that the system ends up with no /etc/resolv.conf and name resolution fails.

Comment 2 Tomáš Hozza 2015-07-15 13:18:51 UTC


*** This bug has been marked as a duplicate of bug 1210250 ***

Note You need to log in before you can comment on or make changes to this bug.