Summary SELinux is preventing fail2ban-server (fail2ban_t) "create" fail2ban_t. Detailed Description SELinux denied access requested by fail2ban-server. It is not expected that this access is required by fail2ban-server and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing AccessYou can generate a local policy module to allow this access - see FAQ Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report against this package. Additional Information Source Context: unconfined_u:system_r:fail2ban_t:s0 Target Context: unconfined_u:system_r:fail2ban_t:s0 Target Objects: None [ unix_dgram_socket ]Source: fail2ban-server Source Path: /usr/bin/pythonPort: <Unknown> Host: qbic.temasek.netSource RPM Packages: python-2.6-9.fc11 Target RPM Packages: Policy RPM: selinux-policy-3.6.12-83.fc11 Selinux Enabled: True Policy Type: targeted MLS Enabled: True Enforcing Mode: Enforcing Plugin Name: catchall Host Name: qbic.temasek.netP latform: Linux qbic.temasek.net 2.6.30.5-43.fc11.i586 #1 SMP Thu Aug 27 21:18:54 EDT 2009 i686 i686A lert Count: 1 First Seen: Wed 30 Sep 2009 10:50:35 PM SGT Last Seen: Wed 30 Sep 2009 10:50:35 PM SGT Local ID: 76d0945f-27f0-4cc9-a1cc-d2a4cf393874 Line Numbers: Raw Audit Messages : node=qbic.temasek.net type=AVC msg=audit(1254322235.476:208): avc: denied { create } for pid=11503 comm="fail2ban-server" scontext=unconfined_u:system_r:fail2ban_t:s0 tcontext=unconfined_u:system_r:fail2ban_t:s0 tclass=unix_dgram_socket node=qbic.temasek.net type=SYSCALL msg=audit(1254322235.476:208): arch=40000003 syscall=102 success=no exit=-13 a0=1 a1=bfd4c840 a2=e8c10c a3=9163050 items=0 ppid=1 pid=11503 auid=500 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="fail2ban-server" exe="/usr/bin/python" subj=unconfined_u:system_r:fail2ban_t:s0 key=(null)
Can back this up - finding the same issue and I don't have the knowledge to create a policy myself.
*** This bug has been marked as a duplicate of bug 522767 ***