From: bigon@debian.org (Laurent Bigonville)
Date: Thu, 26 May 2016 15:49:32 +0200
Subject: [refpolicy] resolv.conf managed by NetworkManager or networkd
Message-ID: <8eb3ec05-9937-d097-1cc7-52de9e459586@debian.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hello,

On systems running NetworkManager or systemd-networkd, the resolv.conf 
file is managed by that daemon and written in some private directory 
(/var/run/NetworkManager or /run/systemd/resolve/). A symlink 
/etc/resolv.conf is then created.

That means that application should be able to read a file that will be 
labeled as NetworkManager_var_run_t (or some other private type for 
networkd). One of the idea what to modify the sysnet_read_config() 
interface but this lead to compilation is due to boolean/optional policy 
mix.

An idea how to fix that?

Cheers,

Laurent Bigonville