Check out the attached resolvconf.patch diff, which contains the resolvconf
policy I wrote a few days ago. I'm not able to test this policy due to
lack of time. Also, you might need to patch the sysnetwork policy with the
following diff:

----8<----8<----
--- refpolicy-0.0.20071214-classic/policy/modules/system/sysnetwork.fc  
2008-02-14 20:57:46.000000000 +0530
+++ refpolicy-0.0.20071214/policy/modules/system/sysnetwork.fc  2008-04-23 
03:59:07.000000000 +0530
@@ -17,6 +17,10 @@
 /etc/dhcp3(/.*)?               gen_context(system_u:object_r:dhcp_etc_t,s0)
 /etc/dhcp3?/dhclient.*         gen_context(system_u:object_r:dhcp_etc_t,s0)
 
+ifdef(`distro_debian',`
+/etc/resolv\.conf.*    -l      gen_context(system_u:object_r:net_conf_t,s0)
+')
+
 ifdef(`distro_redhat',`
 /etc/sysconfig/network-scripts/.*resolv\.conf -- 
gen_context(system_u:object_r:net_conf_t,s0)
 /etc/sysconfig/networking/profiles/.*/resolv\.conf -- 
gen_context(system_u:object_r:net_conf_t,s0)
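
Review bot: The added /etc/resolv\.conf.* entry is restricted to symbolic links by -l, and its trailing .* also matches any other symlink whose path begins with /etc/resolv.conf. Labelling the link net_conf_t does not by itself let a domain follow it: the rule visible in the sysnetwork.if hunk is "allow $1 net_conf_t:file read_file_perms;", which covers class file only. Please confirm that read access on net_conf_t:lnk_file is granted somewhere (here or in the attached resolvconf policy), and tighten the pattern if only the one link is meant.
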
--- refpolicy-0.0.20071214-classic/policy/modules/system/sysnetwork.if  
2008-02-14 20:57:46.000000000 +0530
+++ refpolicy-0.0.20071214/policy/modules/system/sysnetwork.if  2008-04-23 
15:24:57.000000000 +0530
@@ -493,6 +493,10 @@
 
        files_search_etc($1)
        allow $1 net_conf_t:file read_file_perms;
+
+       ifdef(`distro_debian',`
+               resolvconf_read_dns_config($1)
+       ')
 ')
 
 ########################################
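
Review bot: The resolvconf_read_dns_config($1) call added at the end of this interface body is guarded only by ifdef distro_debian, so on Debian builds sysnetwork and every module that calls this interface require the resolvconf module to be present. That interface is not defined anywhere in this diff, so the change cannot build without the separate resolvconf.patch. Please state that ordering in the patch description and record the dependency in the interface's documentation comment. If optional_policy cannot be used here, say why in a comment next to the call.
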
---->8---->8----

The resolvconf_read_dns_config($1) in the above diff can also be enclosed in an
"optional_policy" block, but doing this will lead to errors in
compilation of other modules, e.g. apache.

HTH

** Attachment added: "resolvconf.patch"
   http://launchpadlibrarian.net/13997290/resolvconf.patch

-- 
/etc/resolv.conf needs to be labelled correctly for SELinux
https://bugs.launchpad.net/bugs/220752