selinux is denying iptables, how can I get the dhcp server working

Antonio Olivares olivares14031 at yahoo.com
Fri Nov 21 15:39:13 UTC 2008




--- On Thu, 11/20/08, Mads Kiilerich <mads at kiilerich.com> wrote:

> From: Mads Kiilerich <mads at kiilerich.com>
> Subject: Re: selinux is denying iptables, how can I get the dhcp server working
> To: "For testers of Fedora Core development releases" <fedora-test-list at redhat.com>
> Date: Thursday, November 20, 2008, 5:29 PM
> > I see the following:
> > type=1400 audit(1227217617.326:6): avc:  denied  { write } for  pid=10490 comm="iptables-save" path="/etc/sysconfig/iptables" dev=dm-0 ino=28345626 scontext=unconfined_u:unconfined_r:iptables_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=file
> >
> 
> When? What command are you running?
> 
> Have you tried "service iptables save"? What will
> "ls -lZ /etc/sysconfig/iptables*" then show?
> 
> /Mads

[olivares@localhost ~]$ su -
Password:
[root@localhost ~]# ls -lZ /etc/sysconfig/iptables*
-rw-------  root root system_u:object_r:etc_t          /etc/sysconfig/iptables
-rw-------  root root system_u:object_r:etc_t          /etc/sysconfig/iptables~
-rw-r--r--  root root system_u:object_r:etc_t          /etc/sysconfig/iptables-config
-rw-------  root root unconfined_u:object_r:etc_runtime_t /etc/sysconfig/iptables.save
[root@localhost ~]#

Thanks,

Antonio 


      



