I recently upgraded a machine from FC6 to F7, and I used to use a /etc/dhclient-exit-hooks script to call some iptables functions after bringing up my external interface. This used to work on FC6 as long as I setsebool -P dhcpc_disable_trans 1, but the policy in F7 no longer contains such a boolean, so dhclient-script is prevented from getattr/executing iptables. Is there a simple fix to this, or do I need to write a policy and compile it? If the latter, any pointers on what the policy file should contain? Thanks for any help, tim -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
