Gentoo Archives: gentoo-hardened

From:	Jansson Fredrik <Fredrik.Jansson@×××××××××××.com>
To:	Hardened Gentoo Mail List <gentoo-hardened@l.g.o>
Subject:	[gentoo-hardened] Perforce server under selinux
Date:	Wed, 08 Sep 2004 14:55:56
Message-Id:	`939755D83C92514FA1914B53C405E1C70B040E@ctserver4.hq.columbitech.com`

1	Hi!
2
3	I am trying to get p4d running in enforcing mode. The problem seem to be
4	that p4d can't read and write from sockets:
5
6	audit(1094655218.690:0): avc: denied { write } for pid=19802
7	exe=/usr/sbin/p4d path=socket:[52370] dev=sockfs ino=52370
8	scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t
9	tclass=tcp_socket
10	audit(1094655218.691:0): avc: denied { read } for pid=19870
11	exe=/usr/sbin/p4d path=socket:[52370] dev=sockfs ino=52370
12	scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t
13	tclass=tcp_socket
14	audit(1094655218.691:0): avc: denied { read } for pid=19870
15	exe=/usr/sbin/p4d path=socket:[52370] dev=sockfs ino=52370
16	scontext=system_u:system_r:initrc_t tcontext=system_u:system_r:initrc_t
17	tclass=tcp_socket
18
19	Is there any way I can modify the policies to allow this?
20
21	Best regards
22	Fredrik Jansson
23
24	--
25	gentoo-hardened@g.o mailing list

Subject	Author
Re: [gentoo-hardened] Perforce server under selinux	Joshua Brindle <method@g.o>