[CentOS] selinux & iptables
Daniel J Walsh
dwalsh at redhat.com
Tue Aug 30 19:10:10 UTC 2011
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/30/2011 03:08 PM, Michael D. Berger wrote:
> In setting up my new CentOS 6 laptop, I replaced
> /etc/sysconfig/iptables with my own, very restrictive version. I
> then tried to restart the iptables daemon, but it reported that my
> new iptables was unreadable. On a guess, I disabled selinux, and my
> problem was solved. Later, I re-enabled selinux and on reboot, it
> had to go through a very long setup procedure.
>
> Is there something better I could have done when replacing
> iptables, so that I would not have to disable selinux?
>
> Thanks for your help. Mike.
>
> _______________________________________________ CentOS mailing
> list CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
Run restorecon on the files you changed.
restorecon -R -v /etc/sysconfig
Is all you probably needed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk5dNZIACgkQrlYvE4MpobPSygCgvb9bm6KEcIhv+VoR+uEAapeN
DwoAn2NTPyTykCcMpwwr9nfamgqgzifm
=PkaT
-----END PGP SIGNATURE-----
More information about the CentOS
mailing list