problem with selinux and openvpn
Ron Yorston
rmy at tigress.co.uk
Mon Jun 11 09:03:11 UTC 2007
Roger Grosswiler <roger at gwch.net> wrote:
>Since f7, openvpn does no longer run in enforcing mode.
>
>audit2allow brings me this:
>
>require {
> type openvpn_t;
> type var_t;
> type openvpn_var_run_t;
> type hald_t;
> type openvpn_etc_t;
> class file write;
> class dir { write search add_name };
>}
>
>#============= hald_t ==============
>allow hald_t var_t:dir write;
>
>#============= openvpn_t ==============
>allow openvpn_t openvpn_etc_t:file write;
>allow openvpn_t openvpn_var_run_t:dir { write search add_name };
>
>
>how can i get this in, so i get it running?
There was a thread about this on the fedora-selinux mailing list
recently which might help:
https://www.redhat.com/archives/fedora-selinux-list/2007-June/msg00048.html
Ron
More information about the fedora-list
mailing list