Each time I setup a new keys for my client, the selinux always preventing the connection so the vpn wont work.
this is the syntax for enable openvpn selinux.
module openvpn 1.0; require { type openvpn_t; type user_home_t; class file { read open }; } #============= openvpn_t ============== allow openvpn_t user_home_t:file open; #!!!! This avc is allowed in the current policy allow openvpn_t user_home_t:file read;And how to generate a module from *.te file? please read my previous article http://kura2gurun.blogspot.com/2011/09/tips-and-trick-part-3.html Bye :-)
Comments
Post a Comment