[CentOS] selinux and tinydns
Александр Кириллов
nevis2us at infoline.su
Thu Feb 14 08:32:20 UTC 2013
>> tinydns starts up fine, selinux reports no issues (now after a day
>> of
>> clearing errors).
>>
>> If I turn selinux back to permissive in /etc/sysconfig/selinux, and
>> reboot, tinydns responds to queries.
>>
>> If I turn selinux back to enforcing and reboot, tinydns does not
>> respond.
>>
>> Monitoring /var/log/messages shows no errors from iptables/shorewall
>> or
>> selinux. The only way I can find an error is performing the
>> following:-
>>
>> netstat -npl | grep tinydns # gives me the process id
>> strace -f -p <process id>
>>
>> From this I can see that tinydns is reporting an error of:-
>>
>> recvfrom(3, 0x606720, 513, 0, 0x7fffc7321ec0, 0x7fffc7321edc) = -1
>> EACCES (Permission denied)
>>
>> I've got setroubleshoot set to send me an alert on first occurrence
>> of
>> an issue, so far none received.
>>
>> Does anyone know how I should proceed from here ?
>>
>>
> May be you can see what is there is in the audit log and audit2allow
> tool
> might help you
>
> http://wiki.centos.org/HowTos/SELinux
You may also try to temporarily disable "dontadit" rules:
# semodule -DB
More information about the CentOS
mailing list