[CentOS] Re: Centos 5 OpenVPN / SElinux
Bernd Bartmann
bernd.bartmann at gmail.comWed May 30 17:47:16 UTC 2007
- Previous message: [CentOS] Centos 5 OpenVPN / SElinux
- Next message: [CentOS] custom kernel for Centos 5 kickstart?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 5/30/07, Daniel J Walsh <dwalsh at redhat.com> wrote: > Easiest thing to do is update policy with these two rules. > > # grep openvpn /var/log/audit/audit.log | audit2allow -M myopenvpn > # semodule -i myopenvpn.pp > > This will add the following rules: > allow openvpn_t pppd_t:fd use; > allow openvpn_t self:process execstack; > > The pppd_t:fd is probably a leaked file descriptor and could probably be > dontaudited. > The execstack is potentially a problem in openvpn_t. This is probably a > coding problem and should be reported as a bug/ Daniel, do you mean a bug in SElinux or OpenVPN? Best regards, Bernd.
- Previous message: [CentOS] Centos 5 OpenVPN / SElinux
- Next message: [CentOS] custom kernel for Centos 5 kickstart?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list