Paul Moore
Paul Moore
NOTE: The Red Hat bugzilla entry requires a login and is not publicly accessible.
That's interesting. I haven't traced the code path in question, but a AVC denial indicates that SELinux is blocking the module request due to the loaded policy (i.e. dhcp_t is...
> My standpoint it that if not allowed, such denials should rather be exposed than dontaudited. That's a reasonable position, I was simply mentioning it as a solution to the...
> My first thought was to see if there was a way to configure glibc to disable IPv6, eliminating the source of the problem? I personally haven't tried it, but...
Hi @hqh2010, thanks for debugging this and submitting a PR! I haven't had a chance to properly review it, but we generally ask for Linux Kernel patches to be sent...
Hi @hqh2010, I just wanted to check to see if you are going to be able to submit this to the audit mailing list? If not, can we at least...
That would be great, thank you @Avenger-285714 (and @hqh2010)!
Hi @ramzcode, last I saw @Avenger-285714 was planning to submit a kernel patch to address the problem so I was waiting on that to happen. If @Avenger-285714 is not able...
Unfortunately it's hard to draw any conclusions using a stacktrace from a custom kernel. Are you able to reproduce the problem on a modern kernel, or at the very least...
> @pcmoore I can try that, but there's really not much difference and nothing related to audit. Sometimes unrelated changes can have a surprising impact :) For that reason, as...