selinux, squid

Richard Pannell RichardP at multipro.com.au
Thu Aug 11 05:47:29 UTC 2005


I am having problems running squid authentication (ntlm_auth) in FC4 with 
selinux turned on. When I use setenforce 0 I have no problems. But with 
setenforce set to 1 it fails. So using "audit2allow -l -i 
/var/log/message" I got the following result

allow auditd_t initrc_t:unix_dgram_socket sendto;
allow klogd_t device_t:sock_file write;
allow klogd_t initrc_t:unix_dgram_socket sendto;
allow rpcd_t etc_runtime_t:file read;
allow rpcd_t proc_t:file read;
allow rpcd_t samba_etc_t:dir search;
allow rpcd_t samba_var_t:dir { getattr search };
allow syslogd_t etc_runtime_t:file read;
allow syslogd_t proc_t:file read; 

which I added to /etc/selinux/targeted/src/policy/domains/misc/local.te 
and ran 

make -C /etc/selinux/targeted/src/policy clean
make -C /etc/selinux/targeted/src/policy load 

This didn't have any effect. I have updated selinux, squid and samba using 
yum. Is there something obvious that I am missing? Can someone point me in 
the right direction as I am having problems finding a solution to this in 
Google. 

Richie
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050811/fcca0b68/attachment-0001.htm>


More information about the fedora-list mailing list