SElinux and firestarter
Daniel J Walsh
dwalsh at redhat.com
Tue Jan 31 21:46:22 UTC 2006
Jonathan Underwood wrote:
> Hi,
>
> There appears to be issues with SElinux and the firestarter package
> available from fedora-extras. I have attached the errors from
> /var/log/messages upon boot to this email. I suspect it may be related
> to either dhcpd or kernel module loading upon boot, but I'm rather
> clueless about SElinux. If someone could give me some pointers on how
> to proceed with debugging this it would be really appreciated. I have
> reported the bug here:
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=179248
>
> This is with kernel 2.6.14-1.1656_FC4, libselinux-1.23.10-2,
> selinux-policy-targeted-1.27.1-2.16.
>
> I realize that I have probably not given enough information to debug
> this, but I am not sure what else would be useful.
>
> Many thanks,
> Jonathan
>
> ------------------------------------------------------------------------
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Looks like the problem here is hooking the dhclient program. This
causes the firestarter script to run in dhclient mode, and dhclient is
not allowed to do modutil and iptables.
More information about the fedora-selinux-list
mailing list