On Wed, 2008-06-25 at 17:51 +0100, Martin Orr wrote: > Without this patch, I see no output from dhclient when it is run during boot. > There is no avc message because it is dontaudited in init_daemon_domain. > > Index: policy/modules/system/sysnetwork.te > =================================================================== > --- policy/modules/system/sysnetwork.te.orig > +++ policy/modules/system/sysnetwork.te > @@ -126,6 +126,7 @@ > files_dontaudit_search_locks(dhcpc_t) > > init_rw_utmp(dhcpc_t) > +init_use_fds(dhcpc_t) > > logging_send_syslog_msg(dhcpc_t) I would think that allowing it to write to the console would be required to make this work too. If thats the case I'm not sure we want it; I don't think we want daemons writing to the console. -- Chris PeBenito Tresys Technology, LLC (410) 290-1411 x150 -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
