Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 169164 - separate /var/lib/{dhcpd,dhclient} directories for improved SELinux policy
Summary: separate /var/lib/{dhcpd,dhclient} directories for improved SELinux policy
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: dhcp
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Jason Vas Dias
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: FC5Target
TreeView+ depends on / blocked
 
Reported: 2005-09-23 20:39 UTC by Jason Vas Dias
Modified: 2007-11-30 22:11 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-11-28 19:45:16 UTC


Attachments (Terms of Use)

Description Jason Vas Dias 2005-09-23 20:39:02 UTC
Description of problem:

Make dhcpd use /var/lib/dhcpd/dhcpd.leases, and dhclient use
/var/lib/dhclient/dhclient*.leases, to permit improved SELinux
policy, at the request of the SELinux maintainer. 

Version-Release number of selected component (if applicable):
dhcp-3.0.3-6(-)

Comment 1 Jason Vas Dias 2005-09-23 21:25:27 UTC
This is now done with dhcp-3.0.3-7, in rawhide-20050924 - 
dhclient uses /var/lib/dhclient/dhclient.leases by default,
and dhcpd uses /var/lib/dhcpd/dhcpd.leases by default.

The DEFAULT location of dhclient.leases is now /var/lib/dhclient/dhclient.leases.
Note that this will require an initscripts change to take effect:
  /etc/sysconfig/network-scripts/ifup-eth, line 163:
      DHCLIENTARGS=...-lf /var/lib/dhcp/dhclient-${DEVICE}.leases
  should be:
      DHCLIENTARGS=...-lf /var/lib/dhclient/dhclient-${DEVICE}.leases

  /etc/sysconfig/network-scripts/ifdown-eth, line 63:
      /sbin/dhclient ... -lf /var/lib/dhcp/dhclient-${DEVICE}.leases
  should be:
      /sbin/dhclient ... -lf /var/lib/dhclient/dhclient-${DEVICE}.leases

Also 'dhcdbd' will have to be changed to use the new dhclient.leases file.

dhcpd is now OK with using the /var/lib/dhcpd/dhcpd.leases file, but this 
won't work with SELinux in Enforcing mode until the new SELinux policy is in.


Comment 2 Ville Skyttä 2005-11-27 23:34:49 UTC
ifup-eth and ifdown-eth still point to the old (wrong) location for dhclient
leases in FC5test1, initscripts-8.17-1.

Comment 3 Bill Nottingham 2005-11-28 19:45:16 UTC
Added, will be in 8.18-1.


Note You need to log in before you can comment on or make changes to this bug.