From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 Firefox/1.0.4 Description of problem: Can't run dhcpd with valid config file. SELinux blocks it: type=AVC msg=audit(1118774433.422:183565): avc: denied { name_bind } for pid=2125 comm="dhcpd" src=67 scontext=root:system_r:dhcpd_t tcontext=system_u:object_r:reserved_port_t tclass=udp_socket type=SYSCALL msg=audit(1118774433.422:183565): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bfbb8fc0 a2=95ea04 a3=6 items=0 pid=2125 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="dhcpd" exe="/usr/sbin/dhcpd" type=SOCKADDR msg=audit(1118774433.422:183565): saddr=02000043000000000000000000000000 type=SOCKETCALL msg=audit(1118774433.422:183565): nargs=3 a0=6 a1=bfbb8fe8 a2=10 Here's the config file: subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.200 192.168.1.250; default-lease-time 86400; option subnet-mask 255.255.255.0; option broadcast-address 192.168.1.255; option routers 192.168.1.254; option domain-name-servers 192.168.1.120; option domain-name "XXXXXXX.YYYYYYY"; option netbios-name-servers 192.168.1.120; ping-check true; } authoritative; ddns-update-style ad-hoc; Version-Release number of selected component (if applicable): selinux-policy-targeted-1.23.16-6 How reproducible: Always Steps to Reproduce: 1. see above 2. 3. Actual Results: dhcpd is denied access to the interface Expected Results: well duh Additional info:
I also have same problem. (so I guess this is a confirm). My Details: Try to connect to eth0 through 'USB CDC Ether'. With selinux on no conncetion is made. Turning selinux off allows dhcp to connect to the internet. (NTL cable modem in the UK).
Created attachment 115598 [details] correction /etc/selinux/targeted/src/policy/types/network.te Please try the patch, it works for me.
Created attachment 115600 [details] /etc/selinux/targeted/src/policy/types/network.te Sorry, thi is the correct one.
Bugs 159378 and 160790 are duplicates of this. It seems it is worth to try to restart all important services before releasing new selinux-policy-targeted package.
Fixed in selinux-policy-targeted-1.25.1-7
Updating seems to have fixed the problems here.