Dear fellow selinux experts, I am trying to make one of my machines a dhcp server to connect other machines to the internet, see thread in Fedora list if applicable, I have achieved a breakthrough, but selinux denies it :( [root@localhost ~]# dhcpd -f Internet Systems Consortium DHCP Server 4.0.0 Copyright 2004-2007 Internet Systems Consortium. All rights reserved. For info, please visit http://www.isc.org/sw/dhcp/ Warning: subnet 10.154.19.0/27 overlaps subnet 10.154.19.0/24 Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Wrote 0 leases to leases file. Listening on LPF/eth0/00:0e:a6:42:59:af/10.154.19.0/24 Sending on LPF/eth0/00:0e:a6:42:59:af/10.154.19.0/24 Sending on Socket/fallback/fallback-net ^C [root@localhost ~]# service dhcpd stop [root@localhost ~]# service dhcpd start Starting dhcpd: [ OK ] but now selinux gets in the way :( Nov 14 20:03:40 localhost kernel: type=1400 audit(1226714620.135:183): avc: denied { read } for pid=5267 comm="dhcpd" name="dhcpd.pid" dev=dm-0 ino=3244731 scontext=unconfined_u:system_r:dhcpd_t:s0 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file Nov 14 20:03:40 localhost kernel: type=1400 audit(1226714620.135:184): avc: denied { write } for pid=5267 comm="dhcpd" name="dhcpd.pid" dev=dm-0 ino=3244731scontext=unconfined_u:system_r:dhcpd_t:s0 tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file Nov 14 20:03:40 localhost dhcpd: Can't create PID file /var/run/dhcpd.pid: Permission denied. How can I allow it to work? Setroubleshoot has not kicked in to warn me so I do not know a fix as of this moment :( Regards, Antonio -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
