From 38f03b2d6ca0a83846171a0f57b0ae3834f6c2a5 Mon Sep 17 00:00:00 2001
From: Tomasz Plaza
Date: Mon, 2 Jul 2018 08:51:17 +0200
Subject: Note about selinux rules used by router plugin and log added about sendmsg error in netlink.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Change-Id: Id761357ae5842e66d3425ec5e949ac284dca98cf
Signed-off-by: Tomasz PÅ‚aza
---
 netlink/librtnl/rtnl.c | 5 ++++-
 router/README.md | 8 ++++++++
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/netlink/librtnl/rtnl.c b/netlink/librtnl/rtnl.c
index 14ea0e8..a849dc6 100644
--- a/netlink/librtnl/rtnl.c
+++ b/netlink/librtnl/rtnl.c
@@ -32,6 +32,7 @@
 #include
 #include
 #include
+#include
 #undef DBL_MAX
 #define DBL_MAX 1000000000.0
@@ -142,8 +143,10 @@ int rtnl_dump_request(rtnl_ns_t *ns, int type, void *req, size_t len)
 .msg_iov = iov,
 .msg_iovlen = 2,
 };
- if(sendmsg(ns->rtnl_socket, &msg, 0) < 0)
+ if(sendmsg(ns->rtnl_socket, &msg, 0) < 0) {
+ clib_warning("sendmsg error: %s", strerror(errno));
 return -1;
+ }
 return 0;
 }
diff --git a/router/README.md b/router/README.md
index b3ec5ae..8527bd0 100644
--- a/router/README.md
+++ b/router/README.md
@@ -90,6 +90,14 @@ $vppctl show mpls fib You should see dst label and interface in mpls table.
+### Selinux
+
+Router plugin needs those rules to work under selinux enforcing mode:
+
+```
+allow vpp_t self:netlink_route_socket nlmsg_read;
+```
+
 ### Main contributors Jeff Shaw - LF-ID:jbshaw, Chad Chengwei Wang - LF-ID:flinter (MPLS)
-- cgit 1.2.3-korg
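Review bot: The warning added in `rtnl_dump_request` logs only `strerror(errno)`, so the log line does not say which dump request failed; that matters for triage because the same commit documents an SELinux rule, which suggests a policy denial is one expected cause of this failure. The request type is already a parameter and could be included, e.g. `clib_warning("sendmsg error (type %d): %s", type, strerror(errno));`. If callers retry this path while the denial persists, the message will repeat on every attempt, so it is worth checking whether it needs rate limiting; the callers are not visible here. The function body starts before the hunk's first line.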