Re: dhcpd refuses to start after fresh FC4 install

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Am Mo, den 20.06.2005 schrieb Claude Jones um 16:31:

> > https://www.redhat.com/archives/fedora-selinux-list/2005-June/msg00145.html
> >
> Thanks Alexander. I came across that same post just before reading Paul's 
> response. The proposed solution is way over my head. It seems to be 
> discussing Samba as opposed to what the subject line says, also. For now, 
> I've turned off the restrictive policy on dhcpd in Selinux till I can figure 
> this out. The Selinux man page tells you next to nothing, so I shall go look 
> at the Selinux website today and see what I can find.

> Claude Jones

The policy patch covers 3 issues. The part relevant for your dhcpd issue
is just:

diff -Naur --exclude-from=excludes policy.orig/net_contexts
policy/net_contexts
--- policy.orig/net_contexts	2005-06-16 17:52:27.000000000 -0400
+++ policy/net_contexts	2005-06-19 16:15:05.000000000 -0400
@@ -50,10 +50,9 @@
 portcon udp 53 system_u:object_r:dns_port_t
 portcon tcp 53 system_u:object_r:dns_port_t
 
-ifdef(`dhcpc.te', `
 portcon udp 67  system_u:object_r:dhcpd_port_t
 portcon udp 68  system_u:object_r:dhcpc_port_t
-')
+
 ifdef(`tftpd.te', `portcon udp 69  system_u:object_r:tftp_port_t')
 ifdef(`fingerd.te', `portcon tcp 79  system_u:object_r:fingerd_port_t')

This is diff style and line beginning with "-" will be removed by applying the patch, those
starting with "+" are added.
I can't comment whether this patch will be accepted by the maintainer. But replying to
himself Ivan Gyurdiev corrected his suggestion and the "ifdef" shouldn't be erased completely,
but only enclose the dhcpc part. Means, move the line 

portcon udp 67  system_u:object_r:dhcpd_port_t

up to be above line

ifdef(`dhcpc.te', `

*if you want to put your hands on the policy file yourself*. Else wait for an official policy update
package.

Alexander
 

-- 
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.27_FC2smp 
Serendipity 16:38:00 up 27 days, 15:15, load average: 0.33, 0.26, 0.22

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux