Created attachment 1159899 [details] sealert that can be used to generate required selinux policy Description of problem: The Fortigate SSL VPN plugin for NetworkManager does not open a VPN tunnel. It fails to complete due to SELinux policies Version-Release number of selected component (if applicable): Fedora 24 (Beta) NetworkManager-fortisslvpn-1.2.2-1.fc24.x86_64 openfortivpn-1.1.4-1.fc24.x86_64 selinux-policy-3.13.1-185.fc24.noarch How reproducible: Always Steps to Reproduce: Requirement: a Fortigate VPN server 1. Configure a Forti SSL VPn 2. Click Connect (NetworkManager GUI) 3. Actual results: Fortigate SSL VPN fails. Errors are reported in journalctl SEAlert pops up Expected results: VPN tunnel is opened. Additional info: #127020
Created attachment 1159900 [details] generated policy generated policy that fixes the problem on one machine I've attached it in case there's more than one sealert that gets triggered.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
The generated policy fixes the problem on Fedora 24 (latest updates) while connecting from network manager GUI to Fortigate via SSLVPN.
selinux-policy-3.13.1-191.20.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7ce27629b3
selinux-policy-3.13.1-191.20.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7ce27629b3
selinux-policy-3.13.1-191.20.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.