Thanks for reply, Miroslav.
Yes, I'm testing DHCP failover.
I got more errors on primary and secondary.
it goes like this I show you as audit2allow -M results,
on the primary DHCP server,
allow dhcpd_t hi_reserved_port_t:tcp_socket name_bind;
on the secondary DHCP server,
allow dhcpd_t efs_port_t:tcp_socket name_bind;
allow dhcpd_t hi_reserved_port_t:tcp_socket name_bind;
Can we set a boolean to allow these when using DHCP failover?
It's really needed when you have two DHCP servers in same network, I guess.
At least I do.
I found no boolean this time, you know.
2014-12-29 19:40 GMT+09:00 Miroslav Grepl <mgrepl(a)redhat.com>:
On 12/28/2014 03:47 PM, Shintaro Fujiwara wrote:
Hi, I'm testing dhcpd in Fedora20 and got this error.
type=AVC msg=audit(1419777402.148:425): avc: denied { name_bind } for
pid=2751 comm="dhcpd" src=520 scontext=system_u:system_r:dhcpd_t:s0
tcontext=system_u:object_r:efs_port_t:s0 tclass=tcp_socket permissive=0
Did it happen by default or did you setup anything (dhcp failover for
example) ?
--
日本にヘヴィメタル・ハードロックを根付かせるページ
http://heavymetalhardrock.no-ip.info/
世界中でセキュアOSのSELinuxを使いやすくするフリーソフト
http://sourceforge.net/projects/segatex/
CMS(PHPとPostgreSQLを使ったフリーソフト)
http://sourceforge.net/projects/webon/
https://github.com/intrajp/irforum_jp
--
selinux mailing
listselinux@lists.fedoraproject.orghttps://admin.fedoraproject.org/mailman/listinfo/selinux
--
日本にヘヴィメタル・ハードロックを根付かせるページ
http://heavymetalhardrock.no-ip.info/
世界中でセキュアOSのSELinuxを使いやすくするフリーソフト
http://sourceforge.net/projects/segatex/
CMS(PHPとPostgreSQLを使ったフリーソフト)
http://sourceforge.net/projects/webon/
https://github.com/intrajp/irforum_jp