bind 0.0.0.0 does not allow bind to any IP address (?)
Posted: Mon Apr 17, 2006 11:14 am
Trying to set up network ACLs, I have the following problem:
Code:
role default G
role_transitions admin
subject /
...
bind disabled
subject /usr/sbin/vsftpd p
/var/log/vsftpd.log a
/srv/http/www rwcd
+CAP_SYS_CHROOT
bind MYIP stream tcp # attempt 1
bind 0.0.0.0 stream tcp # attempt 2
Using attempt #1 works (with MYIP being my eth0 IP address), but attempt #2 fails; I get:
(default:D:/usr/sbin/vsftpd) denied bind() to MYIP port 54167 sock type stream protocol tcp by /usr/sbin/vsftpd[vsftpd:1744] uid/euid:1008/1008 gid/egid:1008/1008, parent /usr/sbin/vsftpd[vsftpd:1769] uid/euid:65534/65534 gid/egid:65534/65534
Any idea what's going wrong? Or is this the expected behavior?