Summary:

SELinux is preventing the tor (tor_t) from binding to port 17748.

Detailed Description:

SELinux has denied the tor from binding to a network port 17748 which does not have an SELinux type associated with it. If tor is supposed to be allowed to listen on this port, you can use the semanage command to add this port to a port type that tor_t can bind to. semanage port -l will list all port types. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against the selinux-policy package. If tor is not supposed to bind to this port, this could signal a intrusion attempt. If this system is running as an NIS Client, turning on the allow_ypbind boolean, may fix the problem. setsebool -P allow_ypbind=1.

Allowing Access:

If you want to allow tor to bind to this port

semanage port -a -t PORT_TYPE -p PROTOCOL 17748

Where PORT_TYPE is a type that tor_t can bind and PROTOCOL is udp or tcp.

Additional Information:

Source Context                unconfined_u:system_r:tor_t:s0
Target Context                system_u:object_r:port_t:s0
Target Objects                None [ tcp_socket ]
Source                        tor
Source Path                   /usr/bin/tor
Port                          17748
Host                          athlonxp.ring-0
Source RPM Packages           tor-core-0.1.2.19-1.fc9
Target RPM Packages
Policy RPM                    selinux-policy-3.3.1-72.fc9
Selinux Enabled               True
Policy Type                   targeted
MLS Enabled                   True
Enforcing Mode                Enforcing
Plugin Name                   bind_ports
Host Name                     athlonxp.ring-0
Platform                      Linux athlonxp.ring-0 2.6.25.9-76.fc9.i686 #1 SMP Fri Jun 27 16:14:35 EDT 2008 i686 athlon
Alert Count                   2
First Seen                    Wed 02 Jul 2008 11:15:26 PM EEST
Last Seen                     Wed 02 Jul 2008 11:16:15 PM EEST
Local ID                      9f071148-d2bc-438d-8aec-9f6aae2969ec
Line Numbers

Raw Audit Messages

host=athlonxp.ring-0 type=AVC msg=audit(1215029775.797:115): avc: denied { name_bind } for pid=28423 comm="tor" src=17748 scontext=unconfined_u:system_r:tor_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

host=athlonxp.ring-0 type=SYSCALL msg=audit(1215029775.797:115): arch=40000003 syscall=102 success=no exit=-13 a0=2 a1=bff6be80 a2=7 a3=8e462e0 items=0 ppid=28422 pid=28423 auid=500 uid=494 gid=490 euid=494 suid=494 fsuid=494 egid=490 sgid=490 fsgid=490 tty=(none) ses=2 comm="tor" exe="/usr/bin/tor" subj=unconfined_u:system_r:tor_t:s0 key=(null)

Sorry. The default tor ports (9001, 9030, 9050) seem to have the SELinux port type of "tor_port_t" and binding to those works. As I was trying to bind to a non-standard tor port (17748), this behaviour can be expected. I'm marking this NOTABUG.
If you want to use the non-standard port, you can run:

    semanage port -a -t tor_port_t -p tcp 17748
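
Added example, not part of the original bug thread: Python that picks name_bind denials out of audit records like the one in the report and proposes the semanage command only when the port still carries the generic port_t type. The DOMAIN_PORT_TYPE mapping (tor_t to tor_port_t, taken from the comments above), the function names and the second sample record are assumptions made for this example.

```python
import re

# First record is the AVC line from the report above; the second is constructed.
SAMPLE_AUDIT = '''\
type=AVC msg=audit(1215029775.797:115): avc: denied { name_bind } for pid=28423 comm="tor" src=17748 scontext=unconfined_u:system_r:tor_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
type=AVC msg=audit(1215029776.101:116): avc: denied { read } for pid=28423 comm="tor" name="x" scontext=unconfined_u:system_r:tor_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=file
'''

# Assumption: which port type each confined domain may bind (from the thread).
DOMAIN_PORT_TYPE = {"tor_t": "tor_port_t"}
CLASS_PROTO = {"tcp_socket": "tcp", "udp_socket": "udp"}

AVC_RE = re.compile(r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+(?P<fields>.*)')
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_avc(line):
    """Return the key=value fields of one AVC denial, or None if not a denial."""
    m = AVC_RE.search(line)
    if not m:
        return None
    rec = {k: v.strip('"') for k, v in FIELD_RE.findall(m.group("fields"))}
    rec["perms"] = m.group("perms").split()
    return rec

def bind_denials(audit_text):
    """List name_bind denials; suggest a fix only for unlabeled (port_t) ports."""
    findings = []
    for line in audit_text.splitlines():
        rec = parse_avc(line)
        if not rec or "name_bind" not in rec["perms"] or "src" not in rec:
            continue
        domain = rec["scontext"].split(":")[2]
        target = rec["tcontext"].split(":")[2]
        proto = CLASS_PROTO.get(rec["tclass"])
        port_type = DOMAIN_PORT_TYPE.get(domain)
        fix = None
        # A port already labeled for another service is left for manual review.
        if target == "port_t" and proto and port_type:
            fix = f"semanage port -a -t {port_type} -p {proto} {rec['src']}"
        findings.append({"comm": rec["comm"], "port": int(rec["src"]),
                         "domain": domain, "target_type": target, "fix": fix})
    return findings

if __name__ == "__main__":
    for f in bind_denials(SAMPLE_AUDIT):
        print(f)
```

A finding with no suggested fix means the port is already labeled for another service or the domain is not in the mapping, which is the case to review by hand rather than relabel.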