FC5 dbus-deamon name_connect denied
Tim Fenn
fenn at stanford.edu
Thu Mar 23 09:17:24 UTC 2006
On Wed, Mar 22, 2006 at 03:36:49PM -0500, Daniel J Walsh wrote:
> Tim Fenn wrote:
> >After upgrading from FC4 to FC5, everything seems to be working well,
> >except for the dbus-daemon. It hogs CPU and continuously spits out
> >the following, unless messagebus is stopped:
> >
> >audit(1143051102.334:1219773): avc: denied { name_connect } for
> >pid=24150 comm="dbus-daemon" dest=111
> >scontext=user_u:system_r:system_dbusd_t:s0
> >tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket
> >
> >audit(1143051102.334:1219773): arch=40000003 syscall=102 success=no
> >exit=-13 a0=3 a1=bfa7fbec a2=da4ff4 a3=0 items=0 pid=24150 auid=1567
> >uid=81 gid=81 euid=81 suid=81 fsuid=81 egid=81 sgid=81 fsgid=81
> >comm="dbus-daemon" exe="/bin/dbus-daemon"
> >
> >audit(1143051102.334:1219773): saddr=0200006F7F00000168C56709C0916700
> >audit(1143051102.334:1219773): nargs=3 a0=c a1=bfa7fcfc a2=10
> >
> >I'm sure I missed something simple (as usual). Any hints?
> >
> >If it helps, I'm using:
> >
> >selinux-policy-2.2.23-15
> >selinux-policy-targeted-2.2.23-15
> >
> >Thanks for any pointers,
> >Tim
> >
> Are you running on an NIS machine? If yes is the allow_ypbind boolean
> turned on?
>
> getsebool allow_ypbind
>
> If not turn it on
>
> setsebool -P allow_ypbind=1
>
Thanks - that fixed it.
-Tim
More information about the selinux
mailing list