[FC3] squid ftp blocked by selinux

From: Jurgen Kramer (gtm.kramer_at_inter.nl.net)
Date: 07/30/05

Next message: Duncan Lithgow: "Re: OT The (US) $s at work."

Previous message: Paul Howarth: "Re: FC4-Network Problem"
Next in thread: Paul Howarth: "Re: [FC3] squid ftp blocked by selinux"
Reply: Paul Howarth: "Re: [FC3] squid ftp blocked by selinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: For users of Fedora Core releases <fedora-list@redhat.com>
Date: Sat, 30 Jul 2005 11:48:21 +0200

After the last selinux policy update I can no longer use squid to proxy
FTP transfers. dmesg shows lots of:

audit(1122716171.029:8): avc: denied { name_connect } for pid=2553
comm="squid" dest=21 scontext=user_u:system_r:squid_t
tcontext=system_u:object_r:ftp_port_t tclass=tcp_socket
audit(1122716171.129:9): avc: denied { name_connect } for pid=2553
comm="squid" dest=21 scontext=user_u:system_r:squid_t
tcontext=system_u:object_r:ftp_port_t tclass=tcp_socket
audit(1122716171.229:10): avc: denied { name_connect } for pid=2553
comm="squid" dest=21 scontext=user_u:system_r:squid_t
tcontext=system_u:object_r:ftp_port_t tclass=tcp_socket

HTTP transfers still function fine. How can I fix this?

Jurgen

> selinux-policy-targeted-1.17.30-3.16

-- 
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list

Next message: Duncan Lithgow: "Re: OT The (US) $s at work."

Previous message: Paul Howarth: "Re: FC4-Network Problem"
Next in thread: Paul Howarth: "Re: [FC3] squid ftp blocked by selinux"
Reply: Paul Howarth: "Re: [FC3] squid ftp blocked by selinux"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

linux.derkeiler.com > Mailing-Lists > Fedora > 2005-07