Running SCTP with SELinux in enforcing mode on Red Hat Enterprise Linux
Issue
- Why does the SCTP socket bind fail with error #13 when SELinux is enabled in Red Hat Enterprise Linux 6?
type=AVC msg=audit(1305200274.734:43503): avc: denied { name_bind } for pid=5426 comm="XXX" src=6662 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=rawip_socket
- We have enabled SELinux on our server and we have tried SCTP. It is not working.
  - What do we need to do to enable SCTP in SELinux server type?
- The following messages are reported in audit.log when running a java application with SCTP:
type=AVC msg=audit(1404455968.518:1100091): avc: denied { getopt } for pid=22393 comm="java" laddr=172.16.20.21 lport=5432 faddr=172.16.30.31 fport=59855 scontext=unconfined_u:unconfined_r:unconfined_java_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=rawip_socket
type=AVC msg=audit(1404455968.718:1100092): avc: denied { read } for pid=22404 comm="java" laddr=172.16.20.21 lport=5432 faddr=172.16.30.31 fport=59855 scontext=unconfined_u:unconfined_r:unconfined_java_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=rawip_socket
Environment
- Red Hat Enterprise Linux 5 (RHEL)
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Stream Control Transmission Protocol (SCTP)