Red Hat Bugzilla – Bug 311481
SELinux kills NM and denies dhclient to write resolve.conf
Last modified: 2007-11-30 17:12:17 EST
Description of problem:
AVC denials are attached.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Have eth0 and eth1, eth1 should recieve IP thru dhcp request. First eth0 is
configured with 169.x.x.x switching to eth1 assigns IP, manualy configuring eth0
to 192.168.0.1, activate eth0 - AVC denial, NM rotatest after clicking on it NM
Starting dhclient manualy on eth1 generates AVC denial.
Created attachment 210761 [details]
NM before crash AVC
Created attachment 210771 [details]
dhclient deny resolv.conf write
Somehow your resolv.conf got the wrong label on it. restorecon -R -v
/etc/resolv.conf will fix.
Ok, this fix it, but I can reproduce it with described steps again. This means
something - probably system-config-network - handles the resolv.conf in the way
that the correct context is removed. Could be this is not a problem of policy,
but of system-config-network.
Yes I am reassinging. system-config-network should be setting the file context
correctly when it creates the files. It can do this using the selinux python
bindings or by executing restorecon.
This problem still occures in F8T3.