SELinux is preventing chkconfig (dhcpc_t) "search" to (user_home_dir_t). Source Context: system_u:system_r:dhcpc_t:s0 Target Context: system_u:object_r:user_home_dir_t:s0 Target Objects: None [ dir ] avc: denied { search } for comm=chkconfig dev=dm-3 name=root pid=16995 scontext=system_u:system_r:dhcpc_t:s0 tclass=dir tcontext=system_u:object_r:user_home_dir_t:s0
When do you get this?
This happens if you run 'ifup' in /root/ (not sure about other locations, didn't try them)
dhclient-script uses chkconfig to attempt to do some deranged service restarting w.r.t. ypbind. I'm debating whether it should be taken out and shot repeatedly.
(i.e., don't change policy just yet)
Oh, ick. One vote for taking it out...
I do too.
Created attachment 237481 [details] patch for this Here's a patch that: - doesn't actually use chkconfig to check the runlevel, as it's superfluous (you can just check if ypbind is running) - uses coreutils readlink rather than busybox (!)
Bill, thanks for the patch. Really hate that script. But it's slowly becoming sane. Or maybe I'm becoming insane. I just recently gutted all of the dhcdbd hacks in that script, so bring on more minus signs.