Hide Forgot
SELinux is preventing /usr/sbin/bitlbee from 'name_bind' accesses on the tcp_socket port 6667. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that bitlbee should be allowed name_bind access on the port 6667 tcp_socket by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep bitlbee /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Additional Information: Source Context unconfined_u:system_r:bitlbee_t:s0-s0:c0.c1023 Target Context system_u:object_r:ircd_port_t:s0 Target Objects port 6667 [ tcp_socket ] Source bitlbee Source Path /usr/sbin/bitlbee Port 6667 Host (removed) Source RPM Packages bitlbee-3.0.1-6.fc14 Target RPM Packages Policy RPM selinux-policy-3.9.7-25.fc14 Selinux Enabled True Policy Type targeted Enforcing Mode Enforcing Host Name (removed) Platform Linux (removed) 2.6.35.10-74.fc14.x86_64 #1 SMP Thu Dec 23 16:04:50 UTC 2010 x86_64 x86_64 Alert Count 1 First Seen Wed 02 Feb 2011 20:15:28 IST Last Seen Wed 02 Feb 2011 20:15:28 IST Local ID 2d80dae0-5f84-4e31-81b9-6eb26940beac Raw Audit Messages type=AVC msg=audit(1296657928.636:1217): avc: denied { name_bind } for pid=32274 comm="bitlbee" src=6667 scontext=unconfined_u:system_r:bitlbee_t:s0-s0:c0.c1023 tcontext=system_u:object_r:ircd_port_t:s0 tclass=tcp_socket type=SYSCALL msg=audit(1296657928.636:1217): arch=x86_64 syscall=bind success=no exit=EACCES a0=4 a1=fe06e0 a2=10 a3=7fffc116a160 items=0 ppid=32254 pid=32274 auid=500 uid=489 gid=480 euid=489 suid=489 fsuid=489 egid=480 sgid=480 fsgid=480 tty=(none) ses=1 comm=bitlbee exe=/usr/sbin/bitlbee subj=unconfined_u:system_r:bitlbee_t:s0-s0:c0.c1023 key=(null) Hash: bitlbee,bitlbee_t,ircd_port_t,tcp_socket,name_bind audit2allow #============= bitlbee_t ============== #!!!! This avc is allowed in the current policy allow bitlbee_t ircd_port_t:tcp_socket name_bind; audit2allow -R #============= bitlbee_t ============== #!!!! This avc is allowed in the current policy allow bitlbee_t ircd_port_t:tcp_socket name_bind;
Looks like you are reporting a bug that is already fixed? Did you yum update today?