Description of problem: I use privoxy as a local proxy. It cannot access port 11371 (pgpkeyserver_port_t), needed by the email client to verify pgp keys Version-Release number of selected component (if applicable): privoxy-3.0.6-8.fc8 How reproducible: Each time evolution tries to verify a pgp/gpg signature against a keyserver. Additional info: Here is the raw audit log: host=x.x.x type=AVC msg=audit(1207687544.48:26): avc: denied { name_connect } for pid=10440 comm="privoxy" dest=11371 scontext=system_u:system_r:privoxy_t:s0 tcontext=system_u:object_r:pgpkeyserver_port_t:s0 tclass=tcp_socket host=x.x.x type=SYSCALL msg=audit(1207687544.48:26): arch=40000003 syscall=102 success=no exit=-115 a0=3 a1=b61bb6e0 a2=b61bb798 a3=0 items=0 ppid=1 pid=10440 auid=4294967295 uid=73 gid=73 euid=73 suid=73 fsuid=73 egid=73 sgid=73 fsgid=73 tty=(none) comm="privoxy" exe="/usr/sbin/privoxy" subj=system_u:system_r:privoxy_t:s0 key=(null)
You can allow this for now by executing # audit2allow -M mypol -i /var/log/audit/audit.log # semodule -i mypol.pp Fixed in selinux-policy-3.0.8-99.fc8
Thank you very much.
Closing all bugs that have been in modified for over a month. Please reopen if the bug is not actually fixed.