avc denied from mDNSResponder

Dennis Gilmore dennis at ausil.us
Sun Jul 11 06:54:56 UTC 2004


Once upon a time Sunday 11 July 2004 1:40 am, Russell Coker wrote:
> On Sat, 10 Jul 2004 17:23, Richard Hally <rhallyx at mindspring.com> wrote:
> > When booting in enforcing mode with the latest strict
> > policy(selinux-policy-strict-sources-1.14.1-5)
> > the following avc denied message is produced.
> >
> > Jul 10 03:12:02 new2 network: Bringing up interface eth0:  succeeded
> > Jul 10 03:12:04 new2 kernel: audit(1089443524.677:0): avc:  denied  {
> > name_bind
> > } for  pid=2016 exe=/usr/bin/mDNSResponder scontext=user_u:user_r:user_t
> > tcontext=system_u:object_r:dns_port_t tclass=udp_socket
>
> What is this /usr/bin/mDNSResponder and where do I find an RPM for it?
>
> Binding to port 53 is an operation for a daemon, why is it happening in
> user_r:user_t?

mDNS is a bind replacement  and it was probably built and installed from 
source is my guess.  Fedora does not ship it

Dennis



More information about the selinux mailing list