temp files & debugging
Robert Nichols
rnicholsNOSPAM at comcast.net
Mon Feb 9 18:12:35 UTC 2009
Steve wrote:
> I am attempting to figure out why my dhclient process sometimes gets the correct hostname from the server and sometimes it doesn't. I want to do this by turning on logging and sending the output to a temp file. I am running F9 and so I changed the line in /etc/sysconfig/network-scripts/ifup-eth from:
>
> if /sbin/dhclient ${DHCLIENTARGS} ${DEVICE}; then
> if /sbin/dhclient ${DHCLIENTARGS} ${DEVICE} > /var/log/dhclient.log 2>&1; then
>
> after changing the DHCLIENTARGS switch -q to -v. When this runs at boot time I get an empty /var/log/dhclient.log file. When I try to run dhclient manually I get a SELinux denial:
>
> SELinux is preventing dhclient (dhcpc_t) "write" to /var/log/dhclient.log (var_log_t).
>
> OK, that makes sense so what do I have to modify to allow the log file to be written? This is just temporary so I'm hoping that I don't have to modify policies, rule files etc, etc. The simplest thing I can think of is to change to permissive mode but is there a better way?
Another quick workaround is to pipe the output through 'cat' so that
dhclient isn't writing directly to the file, but that gets a bit messy
in the context of the "if ...; then":
/sbin/dhclient ${DHCLIENTARGS} ${DEVICE} 2>&1 | cat >/var/log/dhclient.log
if [ ${PIPESTATUS[0]} = 0 ]; then
.
.
.
--
Bob Nichols "NOSPAM" is really part of my email address.
Do NOT delete it.
More information about the fedora-selinux-list
mailing list