Re: selinux denies iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Antonio Olivares wrote:
> Dear all,
> 
> I am still having trouble setting up the dhcp server because selinux denies iptables 
> 
> type=1400 audit(1227530280.458:4): avc:  denied  { write } for  pid=1430 comm="ip6tables-resto" path="/0" dev=devpts ino=2 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:object_r:devpts_t:s0 tclass=chr_file 
> 
> Thanks in Advance,
> 
> Antonio 
> 
> 
>       
> 
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
I would doubt this is actually blocking anything, but you can easily
customize policy by executing.


# grep iptables /var/log/audit/audit.log | audit2allow -M myiptables
# semodule -i myiptables.pp

I have added the above rules to the next update of F9/F10 policy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iEYEARECAAYFAkkqq7AACgkQrlYvE4MpobOGbgCg4wDlOBTJlitDr2RJZnn2xC4G
xmIAnjPufGnazbn8EHFRl91ROy/u4CcB
=utED
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux