Bug 441594 - privoxy cannot access port 11371 (pgpkeyserver_port_t)
privoxy cannot access port 11371 (pgpkeyserver_port_t)
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-08 17:06 EDT by Andrea Dell'Amico
Modified: 2008-11-17 17:03 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-11-17 17:03:28 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Andrea Dell'Amico 2008-04-08 17:06:54 EDT
Description of problem:

I use privoxy as a local proxy. It cannot access port 11371
(pgpkeyserver_port_t), needed by the email client to verify pgp keys

Version-Release number of selected component (if applicable):

privoxy-3.0.6-8.fc8

How reproducible:

Each time evolution tries to verify a pgp/gpg signature against a keyserver.

Additional info:

Here is the raw audit log:

host=x.x.x type=AVC msg=audit(1207687544.48:26): avc:  denied  { name_connect }
for  pid=10440 comm="privoxy" dest=11371 scontext=system_u:system_r:privoxy_t:s0
tcontext=system_u:object_r:pgpkeyserver_port_t:s0 tclass=tcp_socket

host=x.x.x type=SYSCALL msg=audit(1207687544.48:26): arch=40000003 syscall=102
success=no exit=-115 a0=3 a1=b61bb6e0 a2=b61bb798 a3=0 items=0 ppid=1 pid=10440
auid=4294967295 uid=73 gid=73 euid=73 suid=73 fsuid=73 egid=73 sgid=73 fsgid=73
tty=(none) comm="privoxy" exe="/usr/sbin/privoxy"
subj=system_u:system_r:privoxy_t:s0 key=(null)
Comment 1 Daniel Walsh 2008-04-09 08:38:28 EDT
You can allow this for now by executing 

# audit2allow -M mypol -i /var/log/audit/audit.log 
# semodule -i mypol.pp

Fixed in selinux-policy-3.0.8-99.fc8
Comment 2 Andrea Dell'Amico 2008-04-09 10:05:02 EDT
Thank you very much.

Comment 3 Daniel Walsh 2008-11-17 17:03:28 EST
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.

Note You need to log in before you can comment on or make changes to this bug.