Re: avc denied from mDNSResponder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Richard Hally wrote:

When booting in enforcing mode with the latest strict policy(selinux-policy-strict-sources-1.14.1-5)
the following avc denied message is produced.

Jul 10 03:12:02 new2 network: Bringing up interface eth0: succeeded
Jul 10 03:12:04 new2 kernel: audit(1089443524.677:0): avc: denied { name_bind
} for pid=2016 exe=/usr/bin/mDNSResponder scontext=user_u:user_r:user_t tcontext=system_u:object_r:dns_port_t tclass=udp_socket

mDNSResponder is not something we ship, (I think). So you need to write special policy for it or allow user_t to bind to the dns_port.


HTH
Richard Hally
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list


[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux