Bug 436535 - denial when bugzilla uses remote ldap
Summary: denial when bugzilla uses remote ldap
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 8
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
Depends On:
TreeView+ depends on / blocked
Reported: 2008-03-07 19:17 UTC by cje
Modified: 2008-11-17 22:03 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2008-11-17 22:03:16 UTC

Attachments (Terms of Use)

Description cje 2008-03-07 19:17:49 UTC
Description of problem:
bugzilla can't connect to a remote LDAP server

te from audit2allow:

allow httpd_bugzilla_script_t ldap_port_t:tcp_socket name_connect;


Comment 1 Daniel Walsh 2008-03-10 13:55:12 UTC
Is this a common setup?  Why does bugzilla use ldap?

Comment 2 cje 2008-03-10 21:35:27 UTC
it's the only remote account management option available in bugzilla (i think).
 i imagine it's not in common use because it doesn't work well.

but the point is that it's certainly meant to be possible - it's not an add-on
feature or anything - it's right there in the .rpm package.

see section 3.1.11. "LDAP Authentication" on

Comment 3 Daniel Walsh 2008-03-11 23:27:57 UTC
Ok, although from reading up on it, it seems pretty shaky.

Fixed in selinux-policy-3.0.8-93.fc8

Comment 4 cje 2008-03-11 23:58:06 UTC
thanks.  :-)

(i'm working on it - bug 437035 bug 436536)

Comment 5 Daniel Walsh 2008-11-17 22:03:16 UTC
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.

Note You need to log in before you can comment on or make changes to this bug.