Each time I setup a new keys for my client, the selinux always preventing the connection so the vpn wont work.
this is the syntax for enable openvpn selinux.
module openvpn 1.0;
require {
type openvpn_t;
type user_home_t;
class file { read open };
}
#============= openvpn_t ==============
allow openvpn_t user_home_t:file open;
#!!!! This avc is allowed in the current policy
allow openvpn_t user_home_t:file read;
And how to generate a module from *.te file? please read my previous article
http://kura2gurun.blogspot.com/2011/09/tips-and-trick-part-3.html
Bye :-)
Comments
Post a Comment