"service iptables stop" not working -- /proc/net unreadable

I had a problem disabling my iptables firewall today, and noticed that
/proc/net being unreadable was the cause of "service iptables stop"
not working.  I have an avc:

audit(1115326402.826:0): avc:  denied  { search } for  pid=5818 
exe=/bin/tcsh name=net dev=proc ino=-268435434 
scontext=user_u:system_r:unconfined_t 
tcontext=system_u:object_r:proc_net_t tclass=dir

What happened to my /proc?

#ls -lZ /proc/net
ls: /proc/net: Permission denied
#ls -lZd /proc/net
ls: /proc/net: Permission denied
#ls -lZ /proc|grep net
?---------  ?        ?                                         net
#ls -l /proc|grep net
?---------   ? ?       ?               ?            ? net

This is FC3 with kernel-2.6.11-1.14_FC3 and
selinux-policy-targeted-1.17.30-3.1.

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
