network failures maybe SELinux related?

Daniel J Walsh dwalsh at redhat.com
Sat May 16 11:49:31 UTC 2009


On 05/15/2009 05:48 PM, Brian Ginn wrote:
> corenet_tcp_bind_all_ports()  seems to have solved my problems.
>
On what domain?  This will allow that domain to bind to any port, if you 
know what port you want to listen on, you might be able to add the port 
using

semanage port -a -t MISTERYDOMAIN_port_t -p tcp PORTNUMBER
>
> -Brian
>
>
> From: Brian Ginn
> Sent: Friday, May 15, 2009 1:44 PM
> To: 'fedora-selinux-list at redhat.com'
> Subject: network failures maybe SELinux related?
>
> I have a client app run by users, and two server apps run from xinetd.
> The client connects to server1
> Server1 connects to server2
> Server2 connects back to the client app
>
> When not confined by SELinux policy. Everything works fine.
> I can run several hundred iterations without any failures.
> When confined, but run in permissive mode, Everything works fine. - nothing in audit.log
>
> When confined and enforced, it works a few times, then the connection from server1 to server2 fails.
> Then, after a rest, it works a few times, then the connection from server1 to server2 fails.
> There is nothing in audit.log.
> Does anyone have suggestions for constraints or don't audit rules I should look into?
>
>
> Thanks,
> Brian
>
>
>
>
>
>
>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list




More information about the fedora-selinux-list mailing list