openvpn
Paul Howarth
paul at city-fan.org
Tue Jul 11 18:27:29 UTC 2006
Openvpn was working OK with FC5 originally, but with the recent changes
I've had to add additional rules:
policy_module(myopenvpn, 0.1.4)
########################################
#
# Declarations
#
require {
type openvpn_t;
}
########################################
#
# Local policy
#
# Need to interact with terminals if config option "auth-user-pass" is
used
term_use_generic_ptys(openvpn_t)
dev_search_sysfs(openvpn_t)
kernel_read_kernel_sysctls(openvpn_t)
sysnet_dns_name_resolve(openvpn_t)
allow openvpn_t self:netlink_route_socket { rw_netlink_socket_perms };
It's now working for me again without AVCs being reported, and better
still, no hard lockups when trying to start/stop the service :-)
Paul.
More information about the fedora-selinux-list
mailing list