"Miroslav Grepl wrote:"
On 01/25/2012 03:39 AM, David Highley wrote:
> Must be an order issue at boot time. We did a reboot today after a
> kernel update and saw the following even though we have,
> selinux-policy-3.10.0-72.fc16.noarch:
> getsebool allow_ypbind
> allow_ypbind --> on
What does
# sesearch -A -s httpd_t -t var_yp_t -C
sesearch -A -s httpd_t -t var_yp_t -C
Found 4 semantic av rules:
allow httpd_t file_type : filesystem getattr ;
DT allow nsswitch_domain var_yp_t : file { ioctl read getattr lock open } ; [ allow_ypbind
]
DT allow nsswitch_domain var_yp_t : dir { ioctl read getattr lock search open } ; [
allow_ypbind ]
DT allow nsswitch_domain var_yp_t : lnk_file { read getattr } ; [ allow_ypbind ]
# getsebool allow_ypbind
getsebool allow_ypbind
allow_ypbind --> on