<div dir="ltr"><div><div><div><div><div><div><div><div><div><div>Thanks for reply, Miroslav.<br><br>Yes, I'm testing DHCP failover.<br></div><br>I got more errors on primary and secondary.<br><br></div>it goes like this I show you as audit2allow -M results,<br></div><br></div>on the primary DHCP server,<br></div><br>allow dhcpd_t hi_reserved_port_t:tcp_socket name_bind;<br></div><br>on the secondary DHCP server,<br></div><br>allow dhcpd_t efs_port_t:tcp_socket name_bind;<br></div>allow dhcpd_t hi_reserved_port_t:tcp_socket name_bind;<br><br></div>Can we set a boolean to allow these when using DHCP failover?<br></div><div>It's really needed when you have two DHCP servers in same network, I guess.<br></div><div>At least I do.<br></div>I found no boolean this time, you know.<br><div><div><br><br><div><div><br><div><div><div><div><br><br></div></div></div></div></div></div></div></div></div><div class="gmail_extra"><br><div class="gmail_quote">2014-12-29 19:40 GMT+09:00 Miroslav Grepl <span dir="ltr"><<a href="mailto:mgrepl@redhat.com" target="_blank">mgrepl@redhat.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF"><span class="">
<div>On 12/28/2014 03:47 PM, Shintaro
Fujiwara wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi, I'm testing dhcpd in Fedora20 and got this
error.<br>
<br>
type=AVC msg=audit(1419777402.148:425): avc: denied {
name_bind } for pid=2751 comm="dhcpd" src=520
scontext=system_u:system_r:dhcpd_t:s0
tcontext=system_u:object_r:efs_port_t:s0 tclass=tcp_socket
permissive=0<br>
<br>
</div>
</blockquote></span>
Did it happen by default or did you setup anything (dhcp failover
for example) ?<br>
<blockquote type="cite"><span class="">
<div dir="ltr"><br>
<br clear="all">
<br>
-- <br>
<div>
<div dir="ltr">
<div>日本にヘヴィメタル・ハードロックを根付かせるページ<br>
</div>
<div><a href="http://heavymetalhardrock.no-ip.info/" target="_blank">http://heavymetalhardrock.no-ip.info/</a><br>
</div>
<div><br>
世界中でセキュアOSのSELinuxを使いやすくするフリーソフト<br>
<a href="http://sourceforge.net/projects/segatex/" target="_blank">http://sourceforge.net/projects/segatex/</a><br>
</div>
<div><br>
CMS(PHPとPostgreSQLを使ったフリーソフト)<br>
</div>
<a href="http://sourceforge.net/projects/webon/" target="_blank">http://sourceforge.net/projects/webon/</a><br>
<a href="https://github.com/intrajp/irforum_jp" target="_blank">https://github.com/intrajp/irforum_jp</a><br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</span><span class="HOEnZb"><font color="#888888"><pre>--
selinux mailing list
<a href="mailto:selinux@lists.fedoraproject.org" target="_blank">selinux@lists.fedoraproject.org</a>
<a href="https://admin.fedoraproject.org/mailman/listinfo/selinux" target="_blank">https://admin.fedoraproject.org/mailman/listinfo/selinux</a></pre>
</font></span></blockquote>
<br>
</div>
</blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr"><div>日本にヘヴィメタル・ハードロックを根付かせるページ<br></div><div><a href="http://heavymetalhardrock.no-ip.info/" target="_blank">http://heavymetalhardrock.no-ip.info/</a><br></div><div><br>世界中でセキュアOSのSELinuxを使いやすくするフリーソフト<br><a href="http://sourceforge.net/projects/segatex/" target="_blank">http://sourceforge.net/projects/segatex/</a><br></div><div><br>CMS(PHPとPostgreSQLを使ったフリーソフト)<br></div><a href="http://sourceforge.net/projects/webon/" target="_blank">http://sourceforge.net/projects/webon/</a><br><a href="https://github.com/intrajp/irforum_jp" target="_blank">https://github.com/intrajp/irforum_jp</a><br></div></div>
</div>