Red Hat Bugzilla – Bug 234731
ypserv not binding to a port <1024
Last modified: 2007-11-30 17:12:00 EST
Description of problem:
Not binding to a low port.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Mar 31 12:36:02 douglas ypbind: Answer for domain 'highley-recommended.com
' from '10.2.2.7' on illegal port 32768.
ypserv seems to be binding to high ports. I tried -p and --port as options to
force it to use a port below 1024 but the service would not start. Ended up
adding --broken-server option to ypbind as a temporary work around.
I can confirm this, although it seems to be a result of the new selinux policy,
selinux-policy-targeted-2.4.6-46.fc6 rather than ypserv itself, so should be
assigned to the selinux component instead of ypserv.
Backing out to selinux-policy-targeted-2.4.6-42 or setting selinux to permissive
cures the problem.
Darn, I thought I tested for that and checked the audit log. Will move it based
on your test results to a selinux policy issue.
The audit log was pretty un-informative about what was happening - I never did
pin down an actual "deny" I could append to this bug report. All I know is what
I did to let people log into my YP slave machines again after a morning of
Fixed in selinux-policy-2.4.6-52
I can confirm that selinux-policy-2.4.6-54 (the version pushed on the updates
server) has cured this problem.