Fresh rawhide install / AVC messages
Steven Bonneville
sbonnevi at redhat.com
Wed Mar 10 18:47:56 UTC 2004
Russell Coker <russell at coker.com.au> wrote:
> > > The problem we face is that the dhcp client as a standard function will
> > > replace /etc/resolv.conf. The /etc/resolv.conf file is given the type
> > > resolv_conf_t because so many programs want to re-write it.
> > >
> > > Now we can give the ntpd config file the same type. But in that case we
> > > will probably want to rename it to net_conf_t or something.
> > >
> > > This is all conditional on this being standard functionality of the dhcp
> > > client. If it's your customisation then you can just change ntpd.fc to
> > > label the file as resolv_conf_t. Although I suspect that if this is a
> > > customisation of yours it'll become a standard thing soon enough, it
> > > sounds like a good idea!
> >
> > net_conf_t sounds good. I'd imagine we are going to encouter other cases
> > besides resolv.conf and ntp.conf.
>
> What else might we have?
>
> net_conf_t doesn't seem ideal to me, but I can't think of anything better at
> the moment.
>
> Also one other thing to note is that /etc/yp.conf has the same type, this may
> not be what we want.
As far as /etc/yp.conf goes, that's exactly what we want. I was going to
add that dhclient may also mess with /etc/yp.conf if it gets the right
options in the DHCP response.
-- Steve Bonneville
More information about the fedora-selinux-list
mailing list