Linux Archive


Genes MailLists 07-11-2011 11:44 AM

named issue
I'm getting these - is it something specific to my setup?
I'm up to date and the policy RPMs are:

selinux-policy.noarch 3.9.16-32.fc15 @updates

selinux-policy-targeted.noarch 3.9.16-32.fc15 @updates

Thanks for any advice.


SELinux is preventing /usr/sbin/named from add_name access on the

***** Plugin catchall_boolean (89.3 confidence) suggests

If you want to allow BIND to write the master zone files. Generally this
is used for dynamic DNS or zone transfers.
Then you must tell SELinux about this by enabling the
'named_write_master_zones' boolean.
setsebool -P named_write_master_zones 1

***** Plugin catchall (11.6 confidence) suggests

If you believe that named should be allowed add_name access on the directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
allow this access for now by executing:
# grep named /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

selinux mailing list

Genes MailLists 07-11-2011 01:21 PM

named issue
On 07/11/2011 07:44 AM, Genes MailLists wrote:

Rerunning restorecon may fix the problem ... not sure how these got changed:

restorecon reset /var/named/chroot/var/run/named/ context

Sorry for noise ... presumably this will fix it.

selinux mailing list
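
The triage this thread ends up at, as an added example that is not part of the original posts: compare the target label in the denial with the label the file-context database expects, and only consider the `named_write_master_zones` boolean or a local module when the two agree. The AVC record and the expected context below are constructed samples (the thread shows neither), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: does a named AVC denial point at a mislabeled path
# (fix with restorecon) or at policy (boolean / local module)?

# Constructed sample denial; the thread does not show the raw audit record.
SAMPLE_AVC='type=AVC msg=audit(1310384640.123:456): avc:  denied  { add_name } for  pid=1234 comm="named" name="named.pid" scontext=system_u:system_r:named_t:s0 tcontext=system_u:object_r:named_conf_t:s0 tclass=dir'
# Assumed label that the file-context database assigns to the chroot run directory.
SAMPLE_EXPECTED='system_u:object_r:named_var_run_t:s0'

# avc_field LINE KEY -> value of KEY=value in the record, quotes stripped
avc_field() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^$2=//p" | tr -d '"' | head -n 1
}

# context_type CTX -> the type field (third) of user:role:type:level
context_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# expected_context PATH -> label from the file-context database.
# Needs the SELinux userland tools; not called by the offline sample run.
expected_context() {
    matchpathcon -n "$1"
}

# triage_avc LINE EXPECTED_CTX -> "relabel", "policy" or "unknown"
triage_avc() {
    actual=$(context_type "$(avc_field "$1" tcontext)")
    wanted=$(context_type "$2")
    if [ -z "$actual" ] || [ -z "$wanted" ]; then
        echo "unknown"
    elif [ "$actual" != "$wanted" ]; then
        echo "relabel"   # on-disk label drifted: restorecon, no policy change
    else
        echo "policy"    # label is correct: weigh the boolean or a module
    fi
}

triage_avc "$SAMPLE_AVC" "$SAMPLE_EXPECTED"
```

On a live system the second argument would come from `expected_context` for the directory named in the denial, and `restorecon -nv` on that path previews the relabel without applying it.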
