Created attachment 109785 NetworkManager SELinux denial msgs
The latest NetworkManager-0.3.3-1.cvs20050112.3.i386 has added bind code to handle /etc/resolv.conf:

    * Wed Jan 12 2005 <dcbw> - 0.3.3-1.cvs20050112
    - Use bind in "caching-nameserver" mode to work around stupidity in glibc's resolver library not recognizing resolv.conf changes

Once I started the new NetworkManager daemon I noticed that my wired device was getting an IP ... however named was not starting, so hostnames were not resolving. I have attached the SELinux denial messages I encountered.

Made the following policy corrections, make, make reload ... and all seems well.

    allow named_t initrc_tmp_t:file read;
    allow named_t initrc_tmp_t:file getattr;
    allow named_t initrc_tmp_t:file unlink;
    allow named_t proc_net_t:dir search;
    allow named_t proc_net_t:file read;
    allow named_t proc_net_t:file getattr;
Over to Walters... we use bind in a caching-nameserver functionality to work around glibc not noticing changes to /etc/resolv.conf.
This is a bug in NetworkManager, so I am transferring it over to them. NetworkManager should be creating its files in the /var/named/data directory.

I added proc_net support for named
selinux-policy-targeted-1.21.2-5
Should be fixed in rawhide now.