[gamin] gam_server and SElinux

From: "Jonathan Underwood" <jonathan underwood gmail com>
To: gamin-list gnome org
Subject: [gamin] gam_server and SElinux
Date: Mon, 12 May 2008 14:04:56 +0100

Dear Daniel,

Any chance you could cast your eye over:

https://bugzilla.redhat.com/show_bug.cgi?id=437633

In brief, there's a bad interaction between gam_server and selinux
which is breaking fail2ban. The issue is, if some process starts a
gam_server as UID root it will be assigned a SElinux domain according
to the process that started gam_server. If another UID root process
tries to connect to the socket of that first gam_server, according to
the gamin logic it should be allowed, since the UID is correct.
However, the second process fails to connect because it has a
different SElinux domain. In other words, can gam_server be made
SElinux aware? Your thoughts would be much appreciated!

Thanks,
Jonathan

Follow-Ups:
- Re: [gamin] gam_server and SElinux
  - From: Daniel Veillard

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]