Description of problem: when use ntpd and samba's winbind together we've got the following error: Jan 4 17:10:06 piros kernel: audit(1136391006.739:8): avc: denied { connectto } for pid=28435 comm="ntpd" name="pipe" scontext=root:system_r:ntpd_t tcontext=root:system_r:winbind_t tclass=unix_stream_socket Jan 4 17:12:06 piros kernel: audit(1136391126.439:10): avc: denied { search } for pid=31167 comm="ntpd" name="samba" dev=md1 ino=3940971 scontext=root:system_r:ntpd_t tcontext=system_u:object_r:samba_var_t tclass=dir Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: allow ntpd_t winbind_t:unix_stream_socket connectto; allow ntpd_t samba_var_t:dir search; solve the problem (but probably a more precise solution exist). Additional info:
Fixed in selinux-policy-targeted-1.17.30-2.124