Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-60003

SELinux is preventing /usr/sbin/dnsmasq from create access on the socket labeled dnsmasq_t.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • rhel-9.6
    • rhel-9.4
    • selinux-policy
    • None
    • rhel-sst-security-selinux
    • ssg_security
    • 1
    • False
    • Hide

      None

      Show
      None
    • None
    • Red Hat Enterprise Linux
    • None
    • None
    • None
    • x86_64
    • None

      What were you trying to do that didn't work?

      Run SELinux enforcing with dnsmasq allowed create access on socket labeled dnsmasq_t by default

      What is the impact of this issue to you?

      Unclear, but may be connected to bug RHEL-59988

      Please provide the package NVR for which the bug is seen:

      selinux-policy-38.1.35-2.el9_4.2.noarch

      dnsmasq-2.85-16.el9_4.x86_64

      How reproducible is this bug?:

      Always, until:

       

      # ausearch -c 'dnsmasq' --raw | audit2allow -M my-dnsmasq
# semodule -X 300 -i my-dnsmasq.pp

       

      Steps to reproduce

      1. Unclear, but set up dnsmasq as per this fedora discussion

      Expected results

      No SELinux denials on dnsmasq sockets

      Actual results

      SELinux denials on dnsmasq sockets

              rhn-support-zpytela Zdenek Pytela
              extrapseud Morgan Read
              Zdenek Pytela Zdenek Pytela
              SSG Security QE SSG Security QE
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated: