Ralph Shumaker wrote:
I cannot find anything applicable with a search for:
SELinux is preventing the squid daemon from connecting to network port 9000
What distro are you running?
SELinux further states:
SELinux has denied the squid daemon from connecting to 9000. By default
squid policy is setup to deny squid connections. If you did not setup
squid to network connections, this could signal a intrusion attempt.
What is your intended use for squid? Is it not doing something you need
it to do or are you just wondering why you are getting that warning from
SE Linux?
I just now noticed it and SELinux is reporting that there have been 6
such interceptions. I only implemented squid a few days ago. Should I
worry? What should I do to take care of this? What does squid want
with port 9000? And why does SELinux care?
I wouldn't worry as long as Squid is doing what you want it to do.
SE Linux cares because it is trying to restrict squid to least privilege
and allowing squid to access port 9000 is not something that SE Linux
has been told to allow.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-newbie
