Fedora Account System
Red Hat Associate
Red Hat Customer
Description of problem: When the server binary is checked for its selinux context, its path is not full, and if the binary is located in a nonstandard location, getfilecon() returns -1 and xinetd reports that changing process context failed. In set_context_from_socket(): exepath = SC_SERVER_ARGV( scp )[0]; if (getfilecon(exepath, &exec_context) < 0) goto fail; Version-Release number of selected component (if applicable): xinetd-2.3.15-5 How reproducible: always Steps to Reproduce: 1. Have a testing server 2. Configure a xinetd service service test_labeled_ipv4 { id = test_labeled_ipv4 type = UNLISTED flags = REUSE IPv4 LABELED wait = no user = root disable = no instances = 1 socket_type = stream protocol = tcp port = 4001 server = /usr/local/non-standard/path/test_labeled_ipv4 } 3. Connect to the server 4. Observe an error Actual results: 13/6/25@15:44:01: ERROR: 8373 {exec_server} Changing process context failed for test_labeled_ipv4 Expected results: Connection succeeds if all the selinux stuff is right.
Created attachment 765095 [details] Patch
xinetd-2.3.15-6.fc19 has been submitted as an update for Fedora 19. https://admin.fedoraproject.org/updates/xinetd-2.3.15-6.fc19
Pushed: http://pkgs.fedoraproject.org/cgit/xinetd.git/commit/?id=492bfbdc8649778cd39e823e662fd5fb3111aa9a
Package xinetd-2.3.15-6.fc19: * should fix your issue, * was pushed to the Fedora 19 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing xinetd-2.3.15-6.fc19' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2013-11714/xinetd-2.3.15-6.fc19 then log in and leave karma (feedback).
xinetd-2.3.15-6.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.