Displaying 8 results from an estimated 8 matches for "allow_ypbind".
2017 Jun 06
2
weird SELinux denial
...eing this in my audit.logs:
type=AVC msg=audit(1496336600.230:6): avc: denied { name_connect } for pid=2411 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket
Was caused by:
The boolean allow_ypbind was set incorrectly.
Description:
Allow system to run with NIS
Allow access by executing:
# setsebool -P allow_ypbind 1
The weirdness is that when I check allow_ypbind, it?s already on:
# getsebool allow_ypbind
allow_ypbind --> on
#
Does anyone with more experience with SELinux than m...
2017 Jun 06
0
weird SELinux denial
...ogs:
>
> type=AVC msg=audit(1496336600.230:6): avc: denied { name_connect } for pid=2411 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket
>
> Was caused by:
> The boolean allow_ypbind was set incorrectly.
> Description:
> Allow system to run with NIS
>
> Allow access by executing:
> # setsebool -P allow_ypbind 1
>
>
> The weirdness is that when I check allow_ypbind, it?s already on:
>
> # getsebool allow_ypbind
> allow_ypbind --> on
>...
2017 Jun 06
2
weird SELinux denial
It says what it is my original post; that?s the output from audit2allow ?w (which is audit2why):
Was caused by:
The boolean allow_ypbind was set incorrectly.
Description:
Allow system to run with NIS
Allow access by executing:
# setsebool -P allow_ypbind 1
---
Mike VanHorn
Senior Computer Systems Administrator
College of Engineering and Computer Science
Wright State University
265 Russ Engineering Center
937-775-5157
michael....
2017 Jun 06
0
weird SELinux denial
On 06/06/2017 09:41 AM, Vanhorn, Mike wrote:
> It says what it is my original post; that?s the output from audit2allow ?w (which is audit2why):
>
> Was caused by:
> The boolean allow_ypbind was set incorrectly.
> Description:
> Allow system to run with NIS
>
> Allow access by executing:
> # setsebool -P allow_ypbind 1
>
> ---
> Mike VanHorn
> Senior Computer Systems Administrator
> College of Engineering and Computer Science
> Wright State Universi...
2017 Jun 06
2
weird SELinux denial
...Walsh" <dwalsh at redhat.com> wrote:
>I am asking if you run it again, does it change. If the boolean is set
>the audit2why should say that the AVC is allowed.
Well, if I just run audit2why again, it always tells me the same thing. However, I have now discovered that if I unset allow_ypbind, and then reset it to 1, audit2why then says
type=AVC msg=audit(1496768649.872:1338): avc: denied { name_connect } for pid=2413 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket
Was ca...
2011 Nov 01
1
SELinux and SETroubleshootd woes in CR
...11:53,920 [database.DEBUG] database version 3.0 compatible
with current 3.0 version
2011-11-01 15:11:53,923 [plugin.DEBUG] load_plugins()
names=['httpd_bad_labels', 'allow_saslauthd_read_shadow',
'tftpd_write_content', 'allow_nfsd_anon_write', 'vbetool', 'allow_ypbind',
'httpd_use_cifs', 'file', 'allow_execheap', 'nfs_export_all_rw',
'allow_java_execstack', 'allow_httpd_sys_script_anon_write', 'samba_share',
'filesystem_associate', 'fcron_crond', 'inetd_bind_ports',
'named_wr...
2017 Jun 06
0
weird SELinux denial
...walsh at redhat.com> wrote:
>
>> I am asking if you run it again, does it change. If the boolean is set
>> the audit2why should say that the AVC is allowed.
> Well, if I just run audit2why again, it always tells me the same thing. However, I have now discovered that if I unset allow_ypbind, and then reset it to 1, audit2why then says
>
> type=AVC msg=audit(1496768649.872:1338): avc: denied { name_connect } for pid=2413 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket...
2008 Jun 03
1
SELinux and samba/winbind w/ADS on RHEL 4.6
SELinux appears to be interfering with winbind's functionality.
I have the lastest policy package installed:
selinux-policy-targeted-1.17.30-2.149
which allegedly solves this problem according to the RedHat knowledge
base, but clearly does not. I have to turn off SELinux by using
setenforce 0 (permissive) to get winbind to work at all, and based on
what I see in the log files,