another selinux question
dan
info at hostinthebox.net
Wed Feb 2 19:32:56 UTC 2005
Darren Grant wrote:
> Change selinux to allow Dynamic DNS:
>
> Edit the following file and change the '0' to '1':
>
> /etc/selinux/targeted/booleans
> named_write_master_zones=1
>
> By default it looks like selinux denies writing of DDNS. Also check that
> named has write permissions to the directory where your zone files are
> stored.
>
> -Darren
>
> Tim Fenn wrote:
>
>> On Wed, Feb 02, 2005 at 06:14:25PM +0530, Rahul Sundaram wrote:
>>
>>
>>> On Tue, 1 Feb 2005 14:38:54 -0800, Tim Fenn <fenn at stanford.edu> wrote:
>>>
>>>
>>>> I'm running both named and dhcpd, and dhcpd is set to do dynamic dns
>>>> updates (both use /etc/rndc.key as the authentication key). All used
>>>> to be good, but now dhcpd won't start, and errors in the kernel log
>>>> show:
>>>>
>>>> audit(1107297176.619:0): avc: denied { search } for pid=8099
>>>> exe=/usr/sbin/dhcpd name=named dev=sda1 ino=1295119
>>>> scontext=root:system_r:dhcpd_t tcontext=system_u:object_r:named_zone_t
>>>> tclass=dir
>>>>
>>>
>>> ask in the fedora-selinux list
>>>
>>>
>>
>>
>> <sigh>... yet another mailing list...
>>
>> I filed a bug report, workarounds are suggested at:
>>
>> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=146844
>>
>> Regards,
>> Tim
>>
>>
>>
>
While we're on the subject of SELinux... anyone know of any good
primers for those of us who may not be very familiar with SELinux yet?
Perhaps some tutorials or articles explaining real-world scenarios of
where SELinux is used, how it's used, and what the outcome is?
Thanks
-dant
More information about the fedora-list
mailing list