On Wed, Sep 28, 2016, at 02:06 PM, Guido Trentalancia wrote: > When SELinux is enabled, do not create a symbolic link to a "resolv.conf" > file outside /etc (e.g. in /var/run/NetworkManager), but instead create a > regular file in /etc. > > This is to avoid creating policy permissions to read files in the other > non-standard "resolv.conf" directories for each application that needs to > access the network.
Maybe better to: 1) Standardize e.g. `/run/resolv.conf` and have labeling set up for it 2) Change NetworkManager to label the file as `etc_t` which it likely has permission to do so already _______________________________________________ networkmanager-list mailing list [email protected] https://mail.gnome.org/mailman/listinfo/networkmanager-list
