Choosing A Webhost:
A web hosting service is a type of Internet hosting service that allows individuals and organizations to provide their own website accessible via the World Wide Web. Web hosts are companies that provide space on a server they own for use by their clients as well as providing Internet connectivity, typically in a data center. Web hosts can also provide data center space and connectivity to the Internet for servers they do not own to be located in their data center, called colocation. more...
|
Re: NetworkManager: minor nit: msg#00099
|
Subject: |
Re: NetworkManager: minor nit |
Tom London wrote:
Running targeted/enforcing, latest rawhide.
I get the following AVC during boot:
type=AVC msg=audit(1124890934.835:9): avc: denied { read } for
pid=2734 comm="dhcdbd" name="dhclient-eth0.conf " dev=dm-0 ino=1276472
scontext=system_u:system_r:NetworkManager_t
tcontext=system_u:object_r:dhcp_etc_t tclass=file
type=SYSCALL msg=audit(1124890934.835:9): arch=40000003 syscall=33
success=no exit=-13 a0=bf9c1d48 a1=4 a2=bf9c21c8 a3=bf9c1d48 items=1
pid=2734 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0
sgid=0 fsgid=0 comm="dhcdbd" exe="/sbin/dhcdbd"
type=CWD msg=audit(1124890934.835:9): cwd="/"
type=PATH msg=audit(1124890934.835:9): item=0
name="/etc/dhclient-eth0.conf" flags=401 inode=1276472 dev=fd:00
mode=0100644 ouid=0 ogid=0 rdev=00:00
I have 2 files in /etc: /etc/dhclient-eth[01].conf, both are zero
length, and both are labeled dhcp_etc_t.
Changing the label for /sbin/dhcdbd from sbin_t -> dhcpc_exec_t makes
this AVC vanish.
This is the correct change.
Would it be 'better' to just add:
allow NetworkManager_t dhcp_etc_t:file read;
?
tom
--
Tom London
------------------------------------------------------------------------
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
--
|
| |
