Displaying 1 result from an estimated 1 matches for "qtnoin".
Did you mean:
qtnid
2011 Aug 02
5
selinux issues
...R}/proxyarp
qt is defined as:
qt()
{
"$@" >/dev/null 2>&1
}
This can trigger some selinux denial messages because the /sbin/ip command has
read access via stdin to /var/lib/shorewall/proxyarp (which it doesn''t really
need). I think the proper fix is to define qtnoin() as:
qtnoin()
{
"$@" </dev/null >/dev/null 2>&1
}
As use that where appropriate. I actually only see one instance where qt is
used in a pipe, but it is probably still clearer with qtnoin.
So, before I put a lot of effort into this, would a patch implementing this...