Got this one today:
type=AVC msg=audit(1202724149.875:1426): avc: denied { name_bind } for
pid=2468 comm="named" src=2605 scontext=system_u:system_r:named_t:s0
tcontext=system_u:object_r:bgp_port_t:s0 tclass=udp_socket
type=SYSCALL msg=audit(1202724149.875:1426): arch=c000003e syscall=49
success=no exit=-13 a0=38 a1=41400d70 a2=1c a3=41400b6c items=0 ppid=1
pid=2468 auid=4294967295 uid=25 gid=25 euid=25 suid=25 fsuid=25 egid=25
sgid=25 fsgid=25 tty=(none) comm="named" exe="/usr/sbin/named"
subj=system_u:system_r:named_t:s0 key=(null)
I suspect that this snippet from the logwatch report is related:
could not update an IPv6 random query port: permission denied: 1 Time(s)
I guess I need to specify the query-source and query-source-v6 bind
options to tie this down?
Paul.
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
