NetworkManager: minor nit

Tom London selinux at
Wed Aug 24 14:18:56 UTC 2005

Running targeted/enforcing, latest rawhide.

I get the following AVC during boot:

type=AVC msg=audit(1124890934.835:9): avc: denied { read } for pid=2734 
comm="dhcdbd" name="dhclient-eth0.conf" dev=dm-0 ino=1276472 
tcontext=system_u:object_r:dhcp_etc_t tclass=file
type=SYSCALL msg=audit(1124890934.835:9): arch=40000003 syscall=33 
success=no exit=-13 a0=bf9c1d48 a1=4 a2=bf9c21c8 a3=bf9c1d48 items=1 
pid=2734 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 
fsgid=0 comm="dhcdbd" exe="/sbin/dhcdbd"
type=CWD msg=audit(1124890934.835:9): cwd="/"
type=PATH msg=audit(1124890934.835:9): item=0 name="/etc/dhclient-eth0.conf" 
flags=401 inode=1276472 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00

I have 2 files in /etc: /etc/dhclient-eth[01].conf, both are zero length, 
and both are labeled dhcp_etc_t.

Changing the label for /sbin/dhcdbd from sbin_t -> dhcpc_exec_t makes this 
AVC vanish. 

Would it be 'better' to just add:
allow NetworkManager_t dhcp_etc_t:file read;

Tom London
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the fedora-selinux-list mailing list