On 04/25/13 04:54, Johan Vermeulen wrote: > Op 24-04-13 22:53, m.roth at 5-cent.us schreef: >> John R. Dennison wrote: >>> On Wed, Apr 24, 2013 at 03:06:11PM -0400, Daniel J Walsh wrote: >>>> Disabling SELinux is not going to fix your problem. Since the field is >>>> just showing you that you have extended attibutes assigned to yr files. >>>> >>>> Why not just script around it. >>>> >>>> ls -l | sed 's/\. / /g' >>>> >>>> Would replace all ". " from your output. >>> Because that would be too easy and people absolutely love to shoot >>> themselves in the face by disabling selinux. Because it is, as we all >>> know, ridiculously hard to manage. >> Don't get me started. I'm fighting it regularly. For example, >> SELinux is preventing /usr/bin/perl from getattr access on the file >> /sys/devices/system/node/node0/meminfo. For complete SELinux messages. >> >> And yes, I did post a few things to the selinux list.... > > thanks again for the reactions. > > This is the NetworkManager script I'm trying to use: <snip> > as far as I can test this at the moment, it works without Selinux and > doesn't work with Selinux enabled. > > I also want Selinux enabled. > So I will do some searching on how to make it work with Selinux. > Two things: unless this is a laptop, shut down NetworkManager - there is *no* use for it in a wired environment. And edit /etc/sysconfig/network-scripts/ifcfg-eth? so that they say NMCONTROLLED="no". network works just fine, and doesn't introduce the overhead. Second, check the selinux contexts - ll -Z, and if setroubleshoot isn't installed, you should do so. Running the sealert messages that show in /var/log/messages will frequently (NOT always) help you fix the context issues. mark -- mummy, n.: An Egyptian who was pressed for time.