Submit a bug report to EPEL?
On Sat, Dec 14, 2013 at 7:18 PM, jdow <[email protected]> wrote: > For some time now ddclient has not been working quite right. I made some > changes that finally brought to light the reason for this. > > I removed the tweaked ddclient.conf, then yum removed ddclient, yum install > ddclient, and finally edited the ddclient.conf file to make it happy. > > I started getting errors. This sequence is typical: > Dec 14 14:40:29 me2 ddclient[5711]: WARNING: updating xxxx.dyndns.org: > nochg: No update required; unnecessary attempts to change to the current > address are considered abusive > Dec 14 14:40:29 me2 ddclient[5711]: FATAL: Cannot create file > '/var/cache/ddclient/ddclient.cache'. (Permission denied) > > I figured it's not nice to abuse the kind folks at dyndns so I dug further > into it. > > "setenforce 0" allows it to run properly. > > So I dug into the audit logs. > These two lines do not look right. > type=AVC msg=audit(1387064159.179:461956): avc: denied { getattr } for > pid=6296 comm="ddclient" path="/var/cache/ddclient/ddclient.cache" dev=dm-0 > ino=2621901 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 > tcontext=unconfined_u:object_r:var_t:s0 tclass=file > type=SYSCALL msg=audit(1387064159.179:461956): arch=c000003e syscall=4 > success=yes exit=0 a0=1b234a0 a1=1b02130 a2=1b02130 a3=28 items=0 ppid=6281 > pid=6296 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 > tty=(none) ses=10540 comm="ddclient" exe="/usr/bin/perl" > subj=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 key=(null) > > ddclient with a dhcpc_t tag? I note there does not seem to be a ddclient_t > or similar tag on the system. > > The ddclient is from epel. I'd expect it to have a proper selinux setup. > I am rash enough to expect that should be handled in the ddclient rpm > setup. > > What do I need to do to get this to work properly with "setenforce 1" > restored? > > {^_^} Joanne
