[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

FC4 dhcp, firestarter and SE Linux permission denied messages



I appear to be having audit problems with some of the things that
firestarter wants to do when starting up and SE Linux.  Initially dhcpd
was giving errors and I found that dhcpd.conf contained some really
strange IP addresses (136.54.10.8, whois -> Ford motor company???) as
the subnet, netmask, etc.  Got that straighted out and firestarter
appears to be starting though I haven't plugged my home network into it
yet to check.

I am still getting errors when in the graphical part of the boot when
services are starting (sorry, don't know the proper name) from
firestarter about cp and "resolv.conf.predhclient" and some output from
the dhcpd.

Checking /var/log/messages I have found ~57 lines like:

Jun 29 08:55:24 localhost kernel: audit(1120049722.072:2): avc:  denied
{ write } for  pid=1791 comm="cp" name=resolv.conf.predhclient dev=hda3
ino=680749 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
Jun 29 08:55:24 localhost kernel: audit(1120049722.072:3): avc:  denied
{ unlink } for  pid=1791 comm="cp" name=resolv.conf.predhclient dev=hda3
ino=680749 scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:etc_runtime_t tclass=file
Jun 29 08:55:24 localhost kernel: audit(1120049722.164:4): avc:  denied
{ execute } for  pid=1831 comm="sh" name=modprobe dev=hda3 ino=129716
scontext=system_u:system_r:dhcpc_t
tcontext=system_u:object_r:insmod_exec_t tclass=file

about modeprobe and iptables also.

I've read the messages about "Re: Can't bind to dhcp address: Permission
denied??" and tried Alexander's disable and reenable the protection on
dhcpd and it didn't work.

All of the message that I've kept from the past couple of weeks on dhcp
haven't really helped, nor the messages about the policies.

I've got VERY little knowledge of SE Linux policies, messages, and
commands, so any help would be GREATLY appreciated

Dave


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]