Bug 176069 - Network does not work for incoming info without setenforce 0 issued
Network does not work for incoming info without setenforce 0 issued
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
5
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-12-18 19:37 EST by Jim Cornette
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-12-22 14:17:38 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
This is from audit log (240.45 KB, text/plain)
2005-12-18 19:38 EST, Jim Cornette
no flags Details
after single selinux=o relabel (789.33 KB, text/plain)
2005-12-19 07:08 EST, Jim Cornette
no flags Details

  None (edit)
Description Jim Cornette 2005-12-18 19:37:04 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20051215 Fedora/1.7.12-3

Description of problem:
After upgrading packages, rebooting, then trying to access the network, no network access was available. I had an assigned ip via dhcp and etc/resolv.conf had a valid entry. I could not even access my local system and its router.

After checking IP with ifconfig, stopping and starting network services, I checked /etc/resolv.conf.

I then decided to try setenforce 0 and I could access the network properly. I then ran setenforce 1 and tried to access my ISP mail with no response. Running setenforce 0 again allowed me to access the web and my pop account from my ISP.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:

1. Start system, try to access network via mozilla and mozilla mail.
2. check for usual settings in /etc/resolv.conf and IP via ifconfig
3. run setenforce 0 and try again
4. run setenforce 1 and try again
5. run setenforce 0 and use network
  

Actual Results:  
1. no mail or websites accessable
2. settings were normal for the network
3. was now able to access network
4. now, no mail or network access possible
5. submitting bug report on effected system


Expected Results:  I expected to b able to go to websites and check mail from my ISP

Additional info:

audit log content wil be sent as an attachment after bug submittal
Comment 1 Jim Cornette 2005-12-18 19:38:24 EST
Created attachment 122388 [details]
This is from audit log
Comment 2 Jim Cornette 2005-12-19 07:06:21 EST
After updating to current rawhide yesterday, I had to enter sellinux=0 single
and then perform the command fixfiles restore for my system to work properly
with network usage.
touch /.autorelabel did not happen on reboot. The feature bypassed on bootup.
Audit contains more granted than denied now.


Comment 3 Jim Cornette 2005-12-19 07:08:42 EST
Created attachment 122397 [details]
after single selinux=o relabel

After selinux disabled, relabeling system and ordinary usage. This log for
audit exists
Comment 4 Daniel Walsh 2005-12-19 10:03:43 EST
radeon_dri.so needs to be set text textrel_shlib_t

chcon -t textrel_shlib_t 

Please give me the path and I will put it in policy.

Also which policy do you have loaded?
Comment 5 Jim Cornette 2005-12-19 18:25:54 EST
Much appreciated about the DRI catch for radeon.
/usr/lib/dri/radeon_dri.so

current version
selinux-policy-targeted-2.1.6-10
Comment 6 Jim Cornette 2005-12-21 18:52:32 EST
The addition to selinux-policy-2.1.6-13 fixed the problem with DRI. 

Thanks!

No network problems either.

Note You need to log in before you can comment on or make changes to this bug.