Just updated all my SELinux policies to 20161023-r1 as they are now
stable, which undid one little fix, so I thought I would mention it.
Sysnetwork.te does not cover the possibility that dhcpcd may run
resolvconf from the dhcpc_script_t domain, which it seems is how my
dhcpcd works. This is fixed by adding:
optional_policy(`
resolvconf_client_domain(dhcpc_script_t)
')
to the dhcpc_script policy (end of the file). It seems like a reasonable
addition, given the same policy applies to the dhcpc_t domain.
Not sure if this sort of proposal should be filed as a bug or just
raised here?
Robert Sharp
