Re: Make a DHCP server using Fedora - Help

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

--- On Sun, 11/16/08, Mike Cloaked <mike.cloaked@xxxxxxxxx> wrote:

> From: Mike Cloaked <mike.cloaked@xxxxxxxxx>
> Subject: Re: Make a DHCP server using Fedora - Help
> To: fedora-list@xxxxxxxxxx
> Date: Sunday, November 16, 2008, 2:19 AM
> Antonio Olivares wrote:
> > 
> > 
> > I might go to work and try it out.  I will change the
> numbers and also add
> > more time in the leases.  I have been given great
> advice by several
> > helpful people, notably yourself, Tim and Marko (also
> Paul H. for selinux
> > denying dhpcd).  I have to make the changes in the
> /etc/dhcpd.conf file
> > and try it out.  I will test with a Windows 2000
> machine and a Fedora
> > rawhide box and upon success or failure.  I will
> report back.
> > 
> > 
> 
> I did not see the reply from Paul H on fixing the SElinux
> issues - was this
> a private reply?
no, to fedora-selinux-list
thread:  avc: denied { write } for pid=5267 comm="dhcpd" name="dhcpd.pid"
>  If so could you let us know the fix - as
> I will be moving
> to a machine running DHCP with SElinux enabled when F10
> comes out.
see below :) 
> 
> Thanks
> Mike
> -- 
> View this message in context:
> http://www.nabble.com/Make-a-DHCP-server-using-Fedora---Help-tp20511161p20523913.html
> Sent from the Fedora List mailing list archive at
> Nabble.com.
> 
> -- 

I encountered an error/avc denial:
running 
# tail -f /var/log/messages:

--------------------------------------------------------------------------
Nov 14 20:03:40 localhost kernel: type=1400
audit(1226714620.135:183): avc:  denied  { read } for  pid=5267
comm="dhcpd" name="dhcpd.pid" dev=dm-0 ino=3244731
scontext=unconfined_u:system_r:dhcpd_t:s0
tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file Nov 14
20:03:40 localhost kernel: type=1400 audit(1226714620.135:184): avc:
denied  { write } for  pid=5267 comm="dhcpd" name="dhcpd.pid"
dev=dm-0 ino=3244731scontext=unconfined_u:system_r:dhcpd_t:s0
tcontext=unconfined_u:object_r:var_run_t:s0 tclass=file Nov 14
20:03:40 localhost dhcpd: Can't create PID file /var/run/dhcpd.pid:
Permission denied.
 
How can I allow it to work?  
 
Setroubleshoot has not kicked in to warn me so I do not know a fix as
of this moment :(  

/var/run/dhcpd.pid should be dhcpd_var_run_t, not var_run_t.
--------------------------------------------------------------------------
Paul replied: 

Try:
# restorecon -v /var/run /var/run/dhcpd.pid

Paul.
--------------------------------------------------------------------------

Now I do not get the denial.  I sent the message to fedora-selinux-list@xxxxxxxxxx and Paul answered my question/plea for help.

Regards,

Antonio




      

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux