---- Robert Nichols <rnicholsNOSPAM@xxxxxxxxxxx> wrote:
> Steve wrote:
> > I am attempting to figure out why my dhclient process sometimes gets the correct hostname from the server and sometimes it doesn't. I want to do this by turning on logging and sending the output to a temp file. I am running F9 and so I changed the line in /etc/sysconfig/network-scripts/ifup-eth from:
> >
> > if /sbin/dhclient ${DHCLIENTARGS} ${DEVICE}; then
> > if /sbin/dhclient ${DHCLIENTARGS} ${DEVICE} > /var/log/dhclient.log 2>&1; then
> >
> > after changing the DHCLIENTARGS switch -q to -v. When this runs at boot time I get an empty /var/log/dhclient.log file. When I try to run dhclient manually I get a SELinux denial:
> >
> > SELinux is preventing dhclient (dhcpc_t) "write" to /var/log/dhclient.log (var_log_t).
> >
> > OK, that makes sense so what do I have to modify to allow the log file to be written? This is just temporary so I'm hoping that I don't have to modify policies, rule files etc, etc. The simplest thing I can think of is to change to permissive mode but is there a better way?
>
> Another quick workaround is to pipe the output through 'cat' so that
> dhclient isn't writing directly to the file, but that gets a bit messy
> in the context of the "if ...; then":
>
> /sbin/dhclient ${DHCLIENTARGS} ${DEVICE} 2>&1 | cat >/var/log/dhclient.log
> if [ ${PIPESTATUS[0]} = 0 ]; then
> .
Thanks for everybody's suggestions. I might try them all just to see which one seems easiest.
Steve
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
