Running SCTP with SELinux in enforcing mode on Red Hat Enterprise Linux
Issue
- Why does the
SCTPsocket bind fails with error#13when SELinux is enabled in Red Hat Enterprise Linux 6 ?
type=AVC msg=audit(1305200274.734:43503): avc: denied { name_bind } for pid=5426 comm="XXX" src=6662 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 tcontext=system_u:object_r:port_t:s0 tclass=rawip_socket
- We have enabled the SELinux in our server and we have tried
SCTP. It is not working- What we need to do to enable
SCTPin selinux server type.
- What we need to do to enable
- The following messages are reported in
audit.logwhen runningjavaapplication withSCTP
type=AVC msg=audit(1404455968.518:1100091): avc: denied { getopt } for pid=22393 comm="java" laddr=172.16.20.21 lport=5432 faddr=172.16.30.31 fport=59855 scontext=unconfined_u:unconfined_r:unconfined_java_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=rawip_socket
type=AVC msg=audit(1404455968.718:1100092): avc: denied { read } for pid=22404 comm="java" laddr=172.16.20.21 lport=5432 faddr=172.16.30.31 fport=59855 scontext=unconfined_u:unconfined_r:unconfined_java_t:s0-s0:c0.c1023 tcontext=system_u:object_r:unlabeled_t:s0 tclass=rawip_socket
Environment
- Red Hat Enterprise Linux 5 (RHEL)
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Stream Control Transmission Protocol (
SCTP)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
