Description of problem: NTPD doesn't work because SELinux disallows access to /etc/services Version-Release number of selected component (if applicable): 2.2.21-7 How reproducible: Every time Steps to Reproduce: 1. Configure NTPD 2. Start NTPD : /etc/init.d/ntpd statr Actual results: root@vienna# /etc/init.d/ntpd start ntpd: Synchronising with time server: [FAILED] Starting ntpd: [ OK ] Various log entries are created showing access to /etc/services is denied: type=PATH msg=audit(1141397407.389:411): item=0 name="/etc/services" flags=101 inode=6481772 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 type=AVC msg=audit(1141397407.393:412): avc: denied { read } for pid=2976 comm="ntpdate" name="services" dev=dm-0 ino=6481772 scontext=user_u:system_r:ntpd_t:s0 tcontext=user_u:object_r:rpm_script_tmp_t:s0 tclass=file type=SYSCALL msg=audit(1141397407.393:412): arch=40000003 syscall=5 success=no exit=-13 a0=243001 a1=0 a2=1b6 a3=9936118 items=1 pid=2976 auid=1015 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 comm="ntpdate" exe="/usr/sbin/ntpdate" Expected results: root@vienna# /etc/init.d/ntpd start ntpd: Synchronising with time server: [ OK ] Starting ntpd: [ OK ] and no log entries Additional info:
This looks like a labeling problem. /etc/services is mislabled, I have no idea how this would have happened. restorecon /etc/services will fix it. YOu can restorecon -R -v /etc to see if other files have the wrong context. touch /.autorelabel reboot to relabel the entire system