Red Hat Bugzilla – Bug 809120
SELinux is preventing /usr/lib64/yp/ypxfr from 'read, write' accesses on the file /run/ypserv.pid
Last modified: 2012-04-27 01:51:55 EDT
Description of problem:
Non a yp-slave server with selinux enabled, each yppush on a remote yp-master triggers this sealert:
Apr 2 13:46:47 beck setroubleshoot: SELinux is preventing /usr/lib64/yp/ypxfr from 'read, write' accesses on the file /run/ypserv.pid. For complete SELinux messages. run sealert -l cec6e0ba-8123-4668-81da-3056221d0470
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Set up a yp-master and yp-slave server
2. On the yp-master, run (cd /var/yp && make)
SEAlert above being risen on the yp-slave server
Function, no sealert.
Created attachment 574521 [details]
sealert -l cec6e0ba-8123-4668-81da-3056221d0470
Looks like ypserv is leaking an open file descriptor to /var/run/ypserv.pid
(In reply to comment #2)
> Looks like ypserv is leaking an open file descriptor to /var/run/ypserv.pid
Thanks for the tip.
Ralf, can you, please, test the following build, if it fixes the problem?
(In reply to comment #3)
> Ralf, can you, please, test the following build, if it fixes the problem?
AFAICT, after ca. 2 days of using it, it seems to fix this particular issue for me (yppush seems to be working, again).
ypserv-2.27-2.fc17 has been submitted as an update for Fedora 17.
ypserv-2.26-10.fc16 has been submitted as an update for Fedora 16.
* should fix your issue,
* was pushed to the Fedora 17 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing ypserv-2.27-2.fc17'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
ypserv-2.27-2.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.
ypserv-2.26-10.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.