Hide Forgot
Description of problem: /etc/network-scripts/ifcfg-eth0: NM_CONTROLLED="no" BOOTPROTO="dhcp" # service network restart Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: Determining IP information for eth0...mv: cannot move `/etc/yp.conf' to `/var/lib/dhclient/yp.conf.predhclient.eth0': Permission denied /etc/dhcp/dhclient.d/nis.sh: line 55: /etc/yp.conf: Permission denied /etc/dhcp/dhclient.d/nis.sh: line 63: /etc/yp.conf: Permission denied done. [ OK ] Version-Release number of selected component (if applicable): ypbind-1.20.4-29.el6.x86_64
See also: 593278 (I cannot update the bug form field - please add it there if you have the permission)
This seems to be a workaround: # fixfiles onboot
Can you tell me what SELinux context /etc/yp.conf has when you're encountering the error? $ ls -Z /etc/yp.conf There are probably some SELinux messages in /var/log/messages related to this error. Can you provide them, please?
# ls -Z /etc/yp.conf -rw-r--r--. root root system_u:object_r:etc_runtime_t:s0 /etc/yp.conf # tail /var/log/messages Apr 26 15:34:10 dumas NET[2892]: /sbin/dhclient-script : updated /etc/resolv.conf Apr 26 15:34:10 dumas kernel: type=1400 audit(1335447250.324:5): avc: denied { rename } for pid=2900 comm="mv" name="yp.conf" dev=sda2 ino=391693 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file Apr 26 15:34:10 dumas kernel: type=1400 audit(1335447250.400:6): avc: denied { write } for pid=2858 comm="dhclient-script" name="yp.conf" dev=sda2 ino=391693 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file Apr 26 15:34:10 dumas kernel: type=1400 audit(1335447250.400:7): avc: denied { write } for pid=2858 comm="dhclient-script" name="yp.conf" dev=sda2 ino=391693 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file Apr 26 15:34:10 dumas kernel: type=1400 audit(1335447250.401:8): avc: denied { append } for pid=2858 comm="dhclient-script" name="yp.conf" dev=sda2 ino=391693 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file Apr 26 15:34:10 dumas kernel: type=1400 audit(1335447250.401:9): avc: denied { append } for pid=2858 comm="dhclient-script" name="yp.conf" dev=sda2 ino=391693 scontext=unconfined_u:system_r:dhcpc_t:s0 tcontext=system_u:object_r:etc_runtime_t:s0 tclass=file
(In reply to comment #5) > # ls -Z /etc/yp.conf > -rw-r--r--. root root system_u:object_r:etc_runtime_t:s0 /etc/yp.conf This is not correct SELinux content, the correct one is: # ls -Z /etc/yp.conf -rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/yp.conf Please, try to fix it by running: # restorecon /etc/yp.conf Or if you suspect other files in /etc can have a wrong context as well, fix the whole directory: # restorecon -r /etc Did this help?
(In reply to comment #6) > Or if you suspect other files in /etc can have a wrong context as well, fix the > whole directory: > # restorecon -r /etc I ran "fixfiles onboot" on one machine - does that do the same thing? > Did this help? Yes, but I do not understand how this happened in the first place, since the system was freshly installed. Since I used the Scientific Linux installer, I assume this does not matter to you and the bugreport can be closed.
(In reply to comment #7) > (In reply to comment #6) > > Or if you suspect other files in /etc can have a wrong context as well, fix the > > whole directory: > > # restorecon -r /etc > I ran "fixfiles onboot" on one machine - does that do the same thing? Yes. > > Did this help? > Yes, but I do not understand how this happened in the first place, since the > system was freshly installed. Since I used the Scientific Linux installer, I > assume this does not matter to you and the bugreport can be closed. OK, closing.