Description of problem: I get the following SELinux errors for NetworkManager and wpa_supplicant while trying to connect to a wireless network with WPA2. SELinux is preventing /usr/sbin/NetworkManager (NetworkManager_t) "unlink" to eth1 (var_run_t). SELinux is preventing /usr/sbin/wpa_supplicant (NetworkManager_t) "write" to eth1 (var_run_t) Stopped them occurring with: grep NetworkManager /var/log/audit/audit.log | audit2allow -v -M \ mynetworkmanager grep wpa_supplicant /var/log/audit/audit.log | audit2allow -v -M mywpasupplicant semodule -i mynetworkmanager.pp semodule -i mywpasupplicant.pp The attempt failed (that's a different problem :-( ) and another SELinux error: SELinux is preventing /usr/sbin/wpa_supplicant (NetworkManager_t) "rmdir" to wpa_supplicant (var_run_t) Fixed this with: grep wpa_supplicant /var/log/audit/audit.log | audit2allow -v -M mywpasupplicant2 semodule -i mywpasupplicant2.pp Do these need to be added to the standard distro or is it a problem peculiar to my environment? Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
This has been fixed with the latest policy selinux-policy-2.6.4-42 You might need to relabel /var/run restorecon -R -v /var/run
Thanks for your help. From where do I get selinux-policy-2.6.4-42? I can find only up to selinux- policy-2.6.4-35 in ..../updates/testing/7/i386. After installing it and running restorecon, will I need to reverse the changes I made with semodule, or will the update remove them?
Should be out there now. It was just released. It will add those rules, but not remove yours You can execute semodule -r mynetworkmanager semodule -r mywpasupplicant to remove your rules.
Thanks, I've just received the update.
Bulk closing a old selinux policy bugs that were in the modified state. If the bug is still not fixed. Please reopen.