Bug 1204920
Summary: | SELinux prevents quagga from writing it's config | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | William Taylor <williamt> |
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> |
Status: | CLOSED NOTABUG | QA Contact: | Milos Malik <mmalik> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.0 | CC: | lvrabec, mgrepl, mmalik, plautrba, pvrabec, ssekidde |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | x86_64 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-04-09 09:02:32 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
William Taylor
2015-03-23 18:36:52 UTC
# getsebool zebra_write_config zebra_write_config --> off # vtysh Hello, this is Quagga (version 0.99.22.4). Copyright 1996-2005 Kunihiro Ishiguro, et al. rhel71.localdomain# write Building Configuration... Can't open configuration file /etc/quagga/zebra.conf.93FuHC. Can't open configuration file /etc/quagga/bgpd.conf.7sj2bD. [OK] # If you enable the zebra_write_config boolean then bgpd and zebra will be able to write their configuration files. # getsebool zebra_write_config zebra_write_config --> on # vtysh Hello, this is Quagga (version 0.99.22.4). Copyright 1996-2005 Kunihiro Ishiguro, et al. rhel71.localdomain# write Building Configuration... Configuration saved to /etc/quagga/zebra.conf Can't backup old configuration file /etc/quagga/bgpd.conf.sav. [OK] # Why is it by default not allowed to write it's config? We don't want to allow daemons to write own config files by default if possible. You can read more using man zebra_selinux |