Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 161233 - privoxy unable to resolve host names
Summary: privoxy unable to resolve host names
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-06-21 16:05 UTC by Martin Ebourne
Modified: 2007-11-30 22:11 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-06-29 10:00:02 UTC


Attachments (Terms of Use)

Description Martin Ebourne 2005-06-21 16:05:51 UTC
Description of problem:

Privoxy is unable to resolve hostnames and therefore does not work. I am using
it with a forward proxy line, but I suspect that doesn't matter here. Log
entries such as this are present in /var/log/privoxy/logfile:

Jun 21 16:55:43 Privoxy(-1208865872) Error: could not resolve hostname
webproxy.company.com

Entries such as this are present in /var/log/messages:

Jun 21 16:55:43 lldnetsjgxqt0j kernel: audit(1119369343.990:821): avc:  denied {
read } for  pid=26179 comm="privoxy" name=resolv.conf dev=dm-0 ino=16458
scontext=system_u:system_r:privoxy_t tcontext=system_u:object_r:etc_runtime_t
tclass=file

Version-Release number of selected component (if applicable):

selinux-policy-targeted-1.23.16-6
privoxy-3.0.3-7

How reproducible:
Every time.

Steps to Reproduce:
1. Configure browser to use privoxy.
2. [Maybe configure privoxy with a forward line, but probably not necessary.]
3. Attempt to access web sites.
  
Actual results:
404 not found, entries in log files.

Expected results:
Load page from website as normal.

Additional info:
I have done a full relabel, no change.
Workaround is to disable privoxy support in selinux using gui security tool.

Comment 1 Daniel Walsh 2005-06-23 11:30:00 UTC
Do you have something in the init scripts that is recreating the /etc/resolv.conf?

It's context if created via dhclient or NetoworkManager should be net_conf_t.

Dan

Comment 2 Martin Ebourne 2005-06-29 10:00:02 UTC
Sorry for the noise, yes that's exactly it.

I had a 'sed -i' in rc.local to append to the domain search path. I've now found
the 'append domain-name' option in dhclient.conf which is how I should have
fixed it in the first place, and all is well.


Note You need to log in before you can comment on or make changes to this bug.