Bug 444061 - Squid's default SNMP port isn't assigned correct SELinux context
Squid's default SNMP port isn't assigned correct SELinux context
Status: CLOSED CURRENTRELEASE
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: selinux-policy (Show other bugs)
5.3
i386 Linux
low Severity low
: rc
: ---
Assigned To: Daniel Walsh
: SELinux
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-24 16:17 EDT by Chris Robertson
Modified: 2008-05-06 16:02 EDT (History)
0 users

See Also:
Fixed In Version: u2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-06 16:02:19 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Chris Robertson 2008-04-24 16:17:13 EDT
Description of problem:
Squid's default SNMP port (UDP port 3401) isn't assigned the correct SELinux
policy.  Squid won't start with SELinux in enforcing mode and SNMP enabled. 

Version-Release number of selected component (if applicable):
squid-2.6.STABLE6-5.el5_1.3
selinux-policy-2.4.6-106.el5_1.3

How reproducible:
Always

Steps to Reproduce:
1. Install Squid RPM
2. Modify squid.conf directive snmp_port from its commented value of "snmp_port
0" to "snmp_port 3401"
3. Attempt to start Squid
  
Actual results:

Squid doesn't start.  cache.log mentions failure to open SNMP port 3401.

Expected results:
Squid starts and listens for SNMP queries on port 3401.

Additional info:
Fixable by "semanage port -a -t http_cache_port_t -p udp 3401"
Comment 1 Martin Nagy 2008-05-02 12:58:21 EDT
I can confirm this. Changing component to selinux-policy.
Comment 2 Daniel Walsh 2008-05-06 16:02:19 EDT
This is already fixed in u2 policy

Snapshot available on 

http://people.redhat.com/dwalsh/SELinux/RHEL5

selinux-policy-2.4.6-137.el5

Note You need to log in before you can comment on or make changes to this bug.