Re: having trouble getting dhcpd started

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Sun, 2005-06-19 at 16:05 -0400, Jon August wrote:
> Ah ha!  So it is SELinux.  How do I tell SELinux to let this happen?   
> (major SELinux newbie)

Wait for Dan to merge the following patch..
this is clearly a policy bug.

Otherwise you can patch policy sources yourself...

diff -Naur --exclude-from=excludes policy.orig/domains/program/samba.te policy/domains/program/samba.te
--- policy.orig/domains/program/samba.te	2005-06-16 17:52:27.000000000 -0400
+++ policy/domains/program/samba.te	2005-06-18 16:39:04.000000000 -0400
@@ -9,7 +9,7 @@
 # Declarations for Samba
 #
 
-daemon_domain(smbd, `, auth_chkpwd')
+daemon_domain(smbd, `, auth_chkpwd, nscd_client_domain')
 daemon_domain(nmbd)
 type samba_etc_t, file_type, sysadmfile, usercanread;
 type samba_log_t, file_type, sysadmfile, logfile;
diff -Naur --exclude-from=excludes policy.orig/macros/program/mozilla_macros.te policy/macros/program/mozilla_macros.te
--- policy.orig/macros/program/mozilla_macros.te	2005-06-16 17:52:27.000000000 -0400
+++ policy/macros/program/mozilla_macros.te	2005-06-18 16:28:27.000000000 -0400
@@ -120,6 +120,8 @@
 ifdef(`mplayer.te', `
 domain_auto_trans($1_mozilla_t, mplayer_exec_t, $1_mplayer_t)
 dontaudit $1_mplayer_t $1_mozilla_home_t:file { read write };
+dontaudit $1_mplayer_t $1_mozilla_t:unix_stream_socket { read write };
+dontaudit $1_mplayer_t $1_mozilla_home_t:file { read write };
 ')dnl end if mplayer.te  
 
 ######### Launch email client, and make webcal links work
diff -Naur --exclude-from=excludes policy.orig/net_contexts policy/net_contexts
--- policy.orig/net_contexts	2005-06-16 17:52:27.000000000 -0400
+++ policy/net_contexts	2005-06-19 16:15:05.000000000 -0400
@@ -50,10 +50,9 @@
 portcon udp 53 system_u:object_r:dns_port_t
 portcon tcp 53 system_u:object_r:dns_port_t
 
-ifdef(`dhcpc.te', `
 portcon udp 67  system_u:object_r:dhcpd_port_t
 portcon udp 68  system_u:object_r:dhcpc_port_t
-')
+
 ifdef(`tftpd.te', `portcon udp 69  system_u:object_r:tftp_port_t')
 ifdef(`fingerd.te', `portcon tcp 79  system_u:object_r:fingerd_port_t')
 

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux