On 01 September 2007, William Warren hescominsoon@emmanuelcomputerconsulting.com wrote:
Message: 3
<snip>
you can also go with webmin to configure this stuff..<G>
If you use Webmin, at this time, it is probably not a good idea to use SELinux with it. I have a very recent thread about this and there is a bug on Webmin. The SELinux folks are aware of it. Below is about SELinux. Lanny
This explanation and description of the problem are fine. We probably need a custom policy for webmin to allow iptables to write to scripts running as webmin, since catching stderr is important. There is no file context that can be set to allow this. As I recall from the original bug report, iptables was also trying to communicate with another open file descriptor. This one I beleive should be closed on exec.