Created attachment 1159899 [details]
sealert that can be used to generate required selinux policy
Description of problem:
The Fortigate SSL VPN plugin for NetworkManager does not open a VPN tunnel. It fails to complete due to SELinux policies
Version-Release number of selected component (if applicable):
Fedora 24 (Beta)
Steps to Reproduce:
Requirement: a Fortigate VPN server
1. Configure a Forti SSL VPn
2. Click Connect (NetworkManager GUI)
Fortigate SSL VPN fails.
Errors are reported in journalctl
SEAlert pops up
VPN tunnel is opened.
Created attachment 1159900 [details]
generated policy that fixes the problem on one machine
I've attached it in case there's more than one sealert that gets triggered.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
The generated policy fixes the problem on Fedora 24 (latest updates) while connecting from network manager GUI to Fortigate via SSLVPN.
selinux-policy-3.13.1-191.20.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2016-7ce27629b3
selinux-policy-3.13.1-191.20.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-7ce27629b3
selinux-policy-3.13.1-191.20.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.