Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 156797 - /etc/init.d/named does not check booleans.local
Summary: /etc/init.d/named does not check booleans.local
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: bind
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Martin Stransky
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-05-04 11:06 UTC by Gene Czarcinski
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version: FC5
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-09-22 02:13:53 UTC


Attachments (Terms of Use)

Description Gene Czarcinski 2005-05-04 11:06:42 UTC
Description of problem:

OK, stuff was added to selinux and bind to support permitting dynamic dns
updating from dhcpd and this worked at one time.  Unfortunately for bind,
selinux (and system-config-securitylevel) changed how locally modified
"variables" were set.  Whereas /etc/selinux/targeted/booleans was modified
previously, now /etc/selinux/targeted/booleans is not chenged and local changes
are put in /etc/selinux/targeted/booleans.local.

Unfortunately, bind was not updated for this change.  /etc/init.d/named needs to
be changed to check for BOTH /etc/selinux/targeted/booleans and
/etc/selinux/targeted/boolenas.local for the value of named_write_master_zones.


Version-Release number of selected component (if applicable):
FC4T2 updated to development as of 3 May 2005
bind-9.3.1-2_FC4

Comment 1 Gene Czarcinski 2005-05-04 11:10:11 UTC
NOTE:  If named_write_master_zones is specified in
/etc/selinux/targeted/booleans.local, then this value (0 or 1) dominates and
anything in /etc/selinux/targeted/booleans is ignored.  If not specified in
/etc/selinux/targeted/booleans.local, then the value in
/etc/selinux/targeted/booleans will rule.

NOTE: "targeted" and "strict" should work the same but I doubt that strict is as
well tested.

Comment 2 Jason Vas Dias 2005-05-04 13:30:13 UTC
OK, I'll make the next version of the named initscript check 
/etc/selinux/targeted/booleans.local for
named_write_master_zones .



Comment 3 Jason Vas Dias 2005-05-18 02:31:49 UTC
This is now fixed with bind-9.3.1-4 in rawhide-2005-05-18 / FC4

Comment 4 Bill Nottingham 2006-09-22 02:13:53 UTC
Closing bugs in MODIFIED state from prior Fedora releases. If this bug persists
in a current Fedora release (such as Fedora Core 5 or later), please reopen and
set the version appropriately.


Note You need to log in before you can comment on or make changes to this bug.