[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: iptables denied by selinux

From: Paul Howarth <paul city-fan org>
To: olivares14031 yahoo com, Fedora SELinux support list <fedora-selinux-list redhat com>
Cc:
Subject: Re: iptables denied by selinux
Date: Thu, 11 Dec 2008 09:38:09 +0000

Antonio Olivares wrote:

Dear all,

I have still yet to make the dhcpd server work because of selinux.  I have been patient, but I am getting frustrated :(

[olivares localhost ~]$ dmesg | grep avc
type=1400 audit(1228956840.530:4): avc:  denied  { write } for  pid=1499 comm="ip6tables-resto" path="/0" dev=devpts ino=2 scontext=system_u:system_r:iptables_t:s0 tcontext=system_u:object_r:devpts_t:s0 tclass=chr_file
[olivares localhost ~]$
I have already ran touch /.autorelabel; rebootand all of the other denials have been cleared but this one. I am not yet taking selinux off or getting that desparate, because when I booted in enforcing=0 mode for other troubles, the dhcpd server still did not work, but the iptables message was still there :(
Please advice me, I do not want to throw the towel yet!

Why do you think the DHCP server problem is SELinux related? The AVChere appears to be from starting the ip6tables service, and you say thatthe DCHP server still doesn't work in permissive mode...


What, if any, messages do you see in /var/log/messages from dhcpd?

Paul.

Follow-Ups:
- Re: iptables denied by selinux
  - From: Antonio Olivares

References:
- iptables denied by selinux
  - From: Antonio Olivares

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]