systemd-socket-proxyd with SELinux enabled doesn't work and produces AVCs

Solution Verified - Updated -

Issue

  • Trying to implement a custom service relying on /usr/lib/systemd/systemd-socket-proxyd, the service doesn't work and AVCs are generated, such as in the example below

    type=AVC msg=audit(...): avc:  denied  { name_connect } for  pid=84209 comm="systemd-socket-" dest=4000 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=tcp_socket permissive=0
    

Environment

  • Red Hat Enterprise Linux 8 and 9
    • systemd-socket-proxyd

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content