Linux Archive

Linux Archive (http://www.linux-archive.org/)
-   Fedora SELinux Support (http://www.linux-archive.org/fedora-selinux-support/)
-   -   named issue (http://www.linux-archive.org/fedora-selinux-support/550893-named-issue.html)

Genes MailLists 07-11-2011 11:44 AM

named issue
 
I'm getting these - is it something specific to my setup?
I'm up to date and policy rpm's are:

selinux-policy.noarch 3.9.16-32.fc15 @updates

selinux-policy-targeted.noarch 3.9.16-32.fc15 @updates


thanks for any advice.

gene
----------------------

SELinux is preventing /usr/sbin/named from add_name access on the
directory named.pid.

***** Plugin catchall_boolean (89.3 confidence) suggests
*******************

If you want to allow BIND to write the master zone files. Generally this
is used for dynamic DNS or zone transfers.
Then you must tell SELinux about this by enabling the
'named_write_master_zones' boolean.
Do
setsebool -P named_write_master_zones 1

***** Plugin catchall (11.6 confidence) suggests
***************************

If you believe that named should be allowed add_name access on the
named.pid directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep named /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp



--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux

Genes MailLists 07-11-2011 01:21 PM

named issue
 
On 07/11/2011 07:44 AM, Genes MailLists wrote:
>


>
rerunning restorecon may fix the problem .. not sure how these got changed:

restorecon reset /var/named/chroot/var/run/named/named.pid context
system_u:object_r:named_zone_t:s0->system_u:object_r:named_var_run_t:s0

Sorry for noise ... presumably this will fix it.


--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux


All times are GMT. The time now is 06:55 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.