Description of problem: Trying to use the max_filedesc option in /etc/squid/squid.conf will fail against the squid selinux policy. Version-Release number of selected component (if applicable): squid-2.5.STABLE14-2.FC5 selinux-policy-targeted-2.3.2-1.fc5 How reproducible: always Steps to Reproduce: 1. set "max_filedesc 8192" in squid.conf 2. start squid Actual results: squid fails to start Expected results: squid should start Additional info: here's the local.te that I generated from audit2allow and using successfully: ========= local.te ========= module local 1.0; require { class capability sys_resource; class process setrlimit; type squid_t; role system_r; }; allow squid_t self:capability sys_resource; allow squid_t self:process setrlimit; ============== end ==============
Fixed in selinux-policy-2.3.6-3.fc5
Closing bugs