Red Hat Bugzilla – Bug 163771
I get name_connect denials when trying to browse or chat after updating to kernel 2.6.12-1.1372_FC3
Last modified: 2007-11-30 17:11:10 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.8) Gecko/20050513 Fedora/1.0.4-1.3.1 Firefox/1.0.4
Description of problem:
The FC3 kernel upgrade package for 2.6.12 add a feature for name_connect permission. This feature is not supported in the latest FC3 package for selinux-policy-targeted. Would it be possible to get a new FC3 selinux-target-policy package for selinux-policy targeted?
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.Upgrade to FC3 126.96.36.199.1372_FC3 kernel package.
2.With selinux-polic-target 1.21.14-1 installed.
3.Reboot to new kernel.
4.Set selinux security to targeted policy and enabled.
5.Open a browse.
6.Enter a remote URL
Actual Results: A denied message appears in /var/log/messages
Expected Results: No log message and a web page should appear
I was planning a migration to FC4 in September.
selinux-polic-target 1.21.14-1 is not a valid policy for FC3.
Should be selinux-policy-targeted-1.17.30-3.19?
Looks like you have a partially upgraded machine to FC4. Not a good idea,
unless you go all the way.