another selinux question
Daniel J Walsh
dwalsh at redhat.com
Wed Feb 2 19:32:16 UTC 2005
Darren Grant wrote:
> Change selinux to allow Dynamic DNS:
>
> Edit the following file and change the '0' to '1':
>
> /etc/selinux/targeted/booleans
> named_write_master_zones=1
>
> By default it looks like selinux denies writing of DDNS. Also check
> that named has write permissions to the directory where your zone
> files are stored.
>
That will only do it on the next reboot.
setsebool -P named_write_master_zones=1
Will set it on now and edit the file for you.
system-config-securitylevel will do all this with a GUI.
Dan
> -Darren
>
> Tim Fenn wrote:
>
>> On Wed, Feb 02, 2005 at 06:14:25PM +0530, Rahul Sundaram wrote:
>>
>>
>>> On Tue, 1 Feb 2005 14:38:54 -0800, Tim Fenn <fenn at stanford.edu> wrote:
>>>
>>>
>>>> I'm running both named and dhcpd, and dhcpd is set to do dynamic dns
>>>> updates (both use /etc/rndc.key as the authentication key). All used
>>>> to be good, but now dhcpd won't start, and errors in the kernel log
>>>> show:
>>>>
>>>> audit(1107297176.619:0): avc: denied { search } for pid=8099
>>>> exe=/usr/sbin/dhcpd name=named dev=sda1 ino=1295119
>>>> scontext=root:system_r:dhcpd_t tcontext=system_u:object_r:named_zone_t
>>>> tclass=dir
>>>>
>>>
>>> ask in the fedora-selinux list
>>>
>>>
>>
>>
>> <sigh>... yet another mailing list...
>>
>> I filed a bug report, workarounds are suggested at:
>>
>> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=146844
>>
>> Regards,
>> Tim
>>
>>
>>
>
More information about the fedora-list
mailing list