selinux and ppp
Daniel J Walsh
dwalsh at redhat.com
Sat Apr 3 06:25:54 UTC 2004
shrek-m at gmx.de wrote:
> bastard operater wrote:
>
>> Thank you for the response. After doing what you suggested I now get
>> the following message:
>>
>> Apr 1 21:20:01 excalibur kernel: PPP generic driver version 2.4.2
>> Apr 1 21:20:01 excalibur pppd[2403]: pppd 2.4.1 started by root, uid 0
>> Apr 1 21:20:02 excalibur kernel: audit(1080876002.324:0): avc:
>> denied { execute } for pid=2404 exe=/bin/bash name=ppp-on-dialer
>> dev=sdb2 ino=32702 scontext=root:system_r:pppd_t
>> tcontext=root:object_r:pppd_etc_t tclass=file
>> Apr 1 21:20:02 excalibur pppd[2403]: Connect script failed
>> Apr 1 21:20:03 excalibur pppd[2403]: Exit.
>>
>> To answer your question, a file was created in the /etc/ppp directory
>> called connect-errors.
>
>
>
> give it a try and disable selinux
>
> /etc/sysconfig/selinux
> SELINUX=disable
You can temporarily disable enforing mode by executing
setenforce 0
Then startup you pppd connection.
When the connection is up and running
setenforce 1
will turn back on enforcing mode. Please post the avc messages.
I have updated policy to handle the first batch of avc messages. Have you
upgraded to policy-1.9.2-8?
Dan
>
> and reboot
> or see
> http://people.redhat.com/kwade/fedora-docs/selinux-faq-en/
>
More information about the fedora-test-list
mailing list