Bug 447502 - Fail2Ban is not allowed to access/execute /sbin/iptables
Status: CLOSED DUPLICATE of bug 230191
Product: Fedora
Classification: Fedora
Component: fail2ban
Version: 9
Hardware: All Linux
Priority: low, Severity: low
Assigned To: Axel Thimm
QA Contact: Fedora Extras Quality Assurance

Reported: 2008-05-20 03:50 EDT by Matthias Runge
Modified: 2008-05-20 11:37 EDT
Last Closed: 2008-05-20 11:37:22 EDT
Description Matthias Runge 2008-05-20 03:50:33 EDT
Description of problem:
host=... type=AVC msg=audit(1211267702.880:813): avc: denied { read write } for
pid=25093 comm="iptables" path="socket:[8808]" dev=sockfs ino=8808
scontext=system_u:system_r:iptables_t:s0
tcontext=system_u:system_r:fail2ban_t:s0 tclass=unix_stream_socket host=...
type=SYSCALL msg=audit(1211267702.880:813): arch=40000003 syscall=11 success=yes
exit=0 a0=8eeb1d8 a1=8eea440 a2=8eea480 a3=0 items=0 ppid=25092 pid=25093
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) ses=4294967295 comm="iptables" exe="/sbin/iptables"
subj=system_u:system_r:iptables_t:s0 key=(null) 

Version-Release number of selected component (if applicable):
fail2ban-0.8.2-13.fc9.noarch

How reproducible:
every time

Steps to Reproduce:
1.
2.
3.
  
Actual results:
SELinux policy forbids (would forbid)

Expected results:
allow access to iptables

Additional info:
Comment 1 Axel Thimm 2008-05-20 11:37:22 EDT

*** This bug has been marked as a duplicate of 230191 ***
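
The denial quoted in the description, decoded field by field, as an added example that is not part of the original bug report or of fail2ban. It pairs the AVC and SYSCALL records by their shared audit event id and reports which domain was denied which permissions on which object; the function names are hypothetical, and the SYSCALL record is trimmed to the fields the code reads.

```python
import re

# Audit records from the report above, one per line (host and unused fields trimmed).
RECORDS = [
    'type=AVC msg=audit(1211267702.880:813): avc: denied { read write } for '
    'pid=25093 comm="iptables" path="socket:[8808]" dev=sockfs ino=8808 '
    'scontext=system_u:system_r:iptables_t:s0 '
    'tcontext=system_u:system_r:fail2ban_t:s0 tclass=unix_stream_socket',
    'type=SYSCALL msg=audit(1211267702.880:813): arch=40000003 syscall=11 '
    'success=yes exit=0 ppid=25092 pid=25093 uid=0 comm="iptables" '
    'exe="/sbin/iptables" subj=system_u:system_r:iptables_t:s0',
]

HEADER = re.compile(r'type=(\w+) msg=audit\(([\d.]+:\d+)\):')
PERMS = re.compile(r'avc:\s+(denied|granted)\s+\{([^}]*)\}')
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse(line):
    """Return (record type, event id, fields) for one audit line."""
    m = HEADER.search(line)
    if not m:
        raise ValueError("not an audit record: %r" % line)
    body = line[m.end():]
    fields = {k: v.strip('"') for k, v in FIELD.findall(body)}
    p = PERMS.search(body)
    if p:
        fields["result"] = p.group(1)
        fields["perms"] = p.group(2).split()
    return m.group(1), m.group(2), fields

def summarize(lines):
    """Group records by event id and describe each AVC with its syscall."""
    events = {}
    for line in lines:
        rtype, event_id, fields = parse(line)
        events.setdefault(event_id, {})[rtype] = fields
    out = []
    for event_id, recs in events.items():
        avc, sc = recs.get("AVC"), recs.get("SYSCALL", {})
        if not avc:
            continue
        out.append({
            "event": event_id, "class": avc["tclass"], "perms": avc["perms"],
            "source_type": avc["scontext"].split(":")[2],
            "target_type": avc["tcontext"].split(":")[2],
            "object": avc.get("path"), "exe": sc.get("exe"),
            "syscall_succeeded": sc.get("success") == "yes",
        })
    return out
```

Calling `summarize(RECORDS)` returns one entry per audit event that contains an AVC record.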
