Description of problem: SELinux is preventing named from 'search' accesses on the directory net. ***** Plugin catchall (100. confidence) suggests ************************** If vous pensez que named devrait être autorisé à accéder search sur net directory par défaut. Then vous devriez rapporter ceci en tant qu'anomalie. Vous pouvez générer un module de stratégie local pour autoriser cet accès. Do autoriser cet accès pour le moment en exécutant : # grep named /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context system_u:system_r:named_t:s0 Target Context system_u:object_r:sysctl_net_t:s0 Target Objects net [ dir ] Source named Source Path named Port <Unknown> Host (removed) Source RPM Packages Target RPM Packages Policy RPM selinux-policy-3.13.1-146.fc24.noarch Selinux Enabled True Policy Type targeted Enforcing Mode Permissive Host Name (removed) Platform Linux (removed) 4.3.0-0.rc0.git7.1.fc24.x86_64 #1 SMP Fri Sep 4 14:36:30 UTC 2015 x86_64 x86_64 Alert Count 11 First Seen 2015-09-05 14:09:06 CEST Last Seen 2015-09-05 14:33:32 CEST Local ID 849dea69-6455-4a69-93b7-7d1b6227d99f Raw Audit Messages type=AVC msg=audit(1441456412.169:789): avc: denied { search } for pid=1592 comm="named" name="net" dev="proc" ino=11457 scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:sysctl_net_t:s0 tclass=dir permissive=1 Hash: named,named_t,sysctl_net_t,dir,search Version-Release number of selected component: selinux-policy-3.13.1-146.fc24.noarch Additional info: reporter: libreport-2.6.2 hashmarkername: setroubleshoot kernel: 4.3.0-0.rc0.git7.1.fc24.x86_64 type: libreport
*** This bug has been marked as a duplicate of bug 1260272 ***