Re: [FC3] squid ftp blocked by selinux
From: Paul Howarth (paul_at_city-fan.org)
Date: 07/30/05
- Previous message: Dotan Cohen: "Re: Constructive critisism; room for improvement:"
- In reply to: Jurgen Kramer: "[FC3] squid ftp blocked by selinux"
- Next in thread: Jurgen Kramer: "Re: [FC3] squid ftp blocked by selinux"
- Reply: Jurgen Kramer: "Re: [FC3] squid ftp blocked by selinux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
To: For users of Fedora Core releases <fedora-list@redhat.com> Date: Sat, 30 Jul 2005 12:57:31 +0100
On Sat, 2005-07-30 at 11:48 +0200, Jurgen Kramer wrote:
> After the last selinux policy update I can no longer use squid to proxy
> FTP transfers. dmesg shows lots of:
>
> audit(1122716171.029:8): avc: denied { name_connect } for pid=2553
> comm="squid" dest=21 scontext=user_u:system_r:squid_t
> tcontext=system_u:object_r:ftp_port_t tclass=tcp_socket
> audit(1122716171.129:9): avc: denied { name_connect } for pid=2553
> comm="squid" dest=21 scontext=user_u:system_r:squid_t
> tcontext=system_u:object_r:ftp_port_t tclass=tcp_socket
> audit(1122716171.229:10): avc: denied { name_connect } for pid=2553
> comm="squid" dest=21 scontext=user_u:system_r:squid_t
> tcontext=system_u:object_r:ftp_port_t tclass=tcp_socket
>
> HTTP transfers still function fine. How can I fix this?
Does this help?
# setsebool -P squid_connect_any 1
Paul.
-- Paul Howarth <paul@city-fan.org> -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
- Previous message: Dotan Cohen: "Re: Constructive critisism; room for improvement:"
- In reply to: Jurgen Kramer: "[FC3] squid ftp blocked by selinux"
- Next in thread: Jurgen Kramer: "Re: [FC3] squid ftp blocked by selinux"
- Reply: Jurgen Kramer: "Re: [FC3] squid ftp blocked by selinux"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
|
