[CentOS] weird SELinux denial

Tue Jun 6 13:17:27 UTC 2017
Vanhorn, Mike <michael.vanhorn at wright.edu>

I keep seeing this in my audit.logs:

type=AVC msg=audit(1496336600.230:6): avc:  denied  { name_connect } for  pid=2411 comm="dbus-daemon" dest=111 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket

	Was caused by:
	The boolean allow_ypbind was set incorrectly.
	Allow system to run with NIS

	Allow access by executing:
	# setsebool -P allow_ypbind 1

The weirdness is that when I check allow_ypbind, it’s already on:

 # getsebool allow_ypbind
allow_ypbind --> on

Does anyone with more experience with SELinux than me have any idea why this is happening?

Mike VanHorn
Senior Computer Systems Administrator
College of Engineering and Computer Science
Wright State University
265 Russ Engineering Center
michael.vanhorn at wright.edu