Strict/enforcing.... ifconfig.te
Tom London
selinux at gmail.com
Thu Sep 9 17:31:09 UTC 2004
Dan,
[Rawhide repo seems to be down, so I may have incomplete download state...]
running .541, strict enforcing.
Installed latest stuff from your tree, and applied patches you sent out later.
Strict/enforcing now boots up to X/Gnome. (Can login and everything!).
Early failure configuring NICs. Suggest:
--- ifconfig.te 2004-09-08 11:05:53.000000000 -0700
+++ ifconfig.te.new 2004-09-09 10:28:05.467768274 -0700
@@ -24,7 +24,7 @@
domain_auto_trans(sysadm_t, ifconfig_exec_t, ifconfig_t)
# for /sbin/ip
-allow ifconfig_t self:netlink_route_socket { bind create getattr
nlmsg_read nlmsg_write read write };
+allow ifconfig_t self:netlink_route_socket { bind create getattr
nlmsg_read nlmsg_write read write setopt };
allow ifconfig_t self:tcp_socket { create ioctl };
allow ifconfig_t etc_t:file { getattr read };
[I'm sorry if I missed this in your patches. I applied them manually,
so I may have missed this one.]
--
Tom London
More information about the fedora-selinux-list
mailing list