I'm getting these - is it something specific to my setup? I'm up to date and policy rpm's are: selinux-policy.noarch 3.9.16-32.fc15 @updates selinux-policy-targeted.noarch 3.9.16-32.fc15 @updates thanks for any advice. gene ---------------------- SELinux is preventing /usr/sbin/named from add_name access on the directory named.pid. ***** Plugin catchall_boolean (89.3 confidence) suggests ******************* If you want to allow BIND to write the master zone files. Generally this is used for dynamic DNS or zone transfers. Then you must tell SELinux about this by enabling the 'named_write_master_zones' boolean. Do setsebool -P named_write_master_zones 1 ***** Plugin catchall (11.6 confidence) suggests *************************** If you believe that named should be allowed add_name access on the named.pid directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep named /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
