Bug 188571 - ypbind fails to start due to selinux policy problems
ypbind fails to start due to selinux policy problems
Status: CLOSED DUPLICATE of bug 188572
Product: Fedora
Classification: Fedora
Component: ypbind (Show other bugs)
5
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Steve Dickson
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-04-11 07:59 EDT by bob mckay
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-04-12 03:48:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
audit2why output (12.82 KB, text/plain)
2006-04-11 07:59 EDT, bob mckay
no flags Details

  None (edit)
Description bob mckay 2006-04-11 07:59:35 EDT
Description of problem: ypbind will not start in my installation, apparently due
to selinux policy problems. To the best of my knowledge, I have not altered
selinux policy from the default.


Version-Release number of selected component (if applicable):
ypbind (ypbind-mt) 1.19

How reproducible:
100% on my installation - cannot get ypbind to start properly


Steps to Reproduce:
1.use selinux security configuration tool to disable selinux protection for
ypbind daemon
2.use service configuration tool to start ypbind
3.
  
Actual results:
service configuration tool starts spinning its wheel, and continues to do so
forever. Meanwhile, any concurrently open browsers lose their connections (that
is, http get's fail thereafter). On quitting service configuration tool and
restarting it, it reports ypbind as running. Stopping ypbind frees up any
currently frozen browser connections. It sometimes takes two attempts to
actually stop ypbind.

Expected results: Starting ypbind works, and doesn't cause browsers to freeze

Additional info:
To be honest, I'm not certain this is a bug, but I can't see what I can be doing
wrong. I've turned on auditing, and am attaching a fragment of the audit log for
a complete start ypbind - abort service configuration tool - stop ypbind cycle. 
Also the output from audit2why. Audit2allow shows missing rules as the
underlying cause:

allow hostname_t security_t:dir search;
allow hostname_t selinux_config_t:dir search;
allow hostname_t unconfined_t:fifo_file write;
allow hostname_t user_home_t:file read;
Comment 1 bob mckay 2006-04-11 07:59:35 EDT
Created attachment 127607 [details]
audit2why output
Comment 2 bob mckay 2006-04-12 03:48:45 EDT

*** This bug has been marked as a duplicate of 188572 ***

Note You need to log in before you can comment on or make changes to this bug.