Package: selinux-policy-default Version: 2:2.20161023.1-9 Severity: normal type=AVC msg=audit(1505299977.725:20): avc: denied { add_name } for pid=565 comm="brctl" name="hello_time" scontext=system_u:system_r:brctl_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1505299977.729:21): avc: denied { add_name } for pid=566 comm="brctl" name="stp_state" scontext=system_u:system_r:brctl_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0 type=AVC msg=audit(1505299977.729:22): avc: denied { add_name } for pid=568 comm="brctl" name="forward_delay" scontext=system_u:system_r:brctl_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir permissive=0
brctl when run from whatever parses /etc/network/interfaces gets the above when creating a bridge interface. It still appears to work for basic functions but presumably doesn't set the hello time and forward delay properly (stp is set as desired). -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1), LANGUAGE=en_AU:en (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages selinux-policy-default depends on: ii libselinux1 2.6-3+b1 ii libsemanage1 2.6-2 ii libsepol1 2.6-2 ii policycoreutils 2.6-3 ii selinux-utils 2.6-3+b1 Versions of packages selinux-policy-default recommends: ii checkpolicy 2.6-2 ii setools 4.0.1-6 Versions of packages selinux-policy-default suggests: pn logcheck <none> pn syslog-summary <none> -- no debconf information _______________________________________________ SELinux-devel mailing list SELinux-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel