Bug 199069 - Openvpn won't work with setenforce 1
Status: CLOSED DUPLICATE of bug 187305
Product: Fedora
Classification: Fedora
Component: openvpn
Version: 5
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Steven Pritchard
QA Contact: Fedora Extras Quality Assurance
Reported: 2006-07-16 22:36 UTC by Andreas Thienemann
Modified: 2007-11-30 22:11 UTC (History)

Doc Type: Bug Fix
Last Closed: 2006-07-17 18:42:02 UTC

Description Andreas Thienemann 2006-07-16 22:36:25 UTC
Setting SELinux to be enforced, openvpn subsequently fails to start up:

type=AVC msg=audit(1153071923.115:352): avc:  denied  { search } for  pid=22678
comm="openvpn" name="tun0" dev=sysfs ino=112568
scontext=root:system_r:openvpn_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1153073406.417:7): avc:  denied  { use } for  pid=1629
comm="openvpn" name="console" dev=tmpfs ino=745
scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
type=AVC msg=audit(1153073406.417:7): avc:  denied  { use } for  pid=1629
comm="openvpn" name="console" dev=tmpfs ino=745
scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
type=AVC msg=audit(1153073406.417:7): avc:  denied  { use } for  pid=1629
comm="openvpn" name="console" dev=tmpfs ino=745
scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
type=SYSCALL msg=audit(1153073406.417:7): arch=40000003 syscall=11 success=yes
exit=0 a0=84bb478 a1=84ce858 a2=84ced10 a3=84c2ec0 items=2 pid=1629
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="openvpn" exe="/usr/sbin/openvpn"
subj=system_u:system_r:openvpn_t:s0
type=AVC_PATH msg=audit(1153073406.417:7):  path="/dev/console"
type=AVC_PATH msg=audit(1153073406.417:7):  path="/dev/console"
type=AVC_PATH msg=audit(1153073406.417:7):  path="/dev/console"
type=CWD msg=audit(1153073406.417:7):  cwd="/etc/openvpn"
type=PATH msg=audit(1153073406.417:7): item=0 name="/usr/sbin/openvpn"
inode=4364840 dev=09:02 mode=0100755 ouid=0 ogid=0 rdev=00:00
obj=system_u:object_r:openvpn_exec_t:s0
type=PATH msg=audit(1153073406.417:7): item=1 name=(null) inode=262150 dev=09:02
mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0
type=AVC msg=audit(1153073406.925:8): avc:  denied  { search } for  pid=1629
comm="openvpn" scontext=system_u:system_r:openvpn_t:s0
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
type=SYSCALL msg=audit(1153073406.925:8): arch=40000003 syscall=149 success=no
exit=-1 a0=bfae3af0 a1=4ccff4 a2=4d0340 a3=bfae3ae8 items=0 pid=1629
auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0
tty=(none) comm="openvpn" exe="/usr/sbin/openvpn"
subj=system_u:system_r:openvpn_t:s0
type=AVC msg=audit(1153073406.925:9): avc:  denied  { search } for  pid=1629
comm="openvpn" name="kernel" dev=proc ino=-268435417
scontext=system_u:system_r:openvpn_t:s0
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
type=SYSCALL msg=audit(1153073406.925:9): arch=40000003 syscall=5 success=no
exit=-13 a0=9223c0 a1=0 a2=0 a3=b7f328cc items=1 pid=1629 auid=4294967295 uid=0
gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="openvpn"
exe="/usr/sbin/openvpn" subj=system_u:system_r:openvpn_t:s0
type=CWD msg=audit(1153073406.925:9):  cwd="/etc/openvpn"
type=PATH msg=audit(1153073406.925:9): item=0 name="/proc/sys/kernel/version"
obj=system_u:object_r:lib_t:s0
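
As an added example (not part of the original report, and not Fedora's or the SELinux project's own tooling), this Python script re-joins the line-wrapped audit records posted above and counts the distinct AVC denials by source type, target type, object class and permission. The function names `unwrap` and `summarize` are made up for illustration; the sample is an excerpt of the log above.

```python
import re
from collections import Counter

# Excerpt of the audit records from the report above, line-wrapped as posted.
SAMPLE = """\
type=AVC msg=audit(1153071923.115:352): avc:  denied  { search } for  pid=22678
comm="openvpn" name="tun0" dev=sysfs ino=112568
scontext=root:system_r:openvpn_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir
type=AVC msg=audit(1153073406.417:7): avc:  denied  { use } for  pid=1629
comm="openvpn" name="console" dev=tmpfs ino=745
scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0
tclass=fd
type=AVC_PATH msg=audit(1153073406.417:7):  path="/dev/console"
type=AVC msg=audit(1153073406.925:8): avc:  denied  { search } for  pid=1629
comm="openvpn" scontext=system_u:system_r:openvpn_t:s0
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
type=AVC msg=audit(1153073406.925:9): avc:  denied  { search } for  pid=1629
comm="openvpn" name="kernel" dev=proc ino=-268435417
scontext=system_u:system_r:openvpn_t:s0
tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir
"""

AVC_RE = re.compile(
    r"avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}.*?"
    r"scontext=(?P<scon>\S+).*?tcontext=(?P<tcon>\S+).*?tclass=(?P<tclass>\S+)")

def unwrap(text):
    """Re-join wrapped records; every audit record starts with 'type='."""
    records = []
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.startswith("type=") or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def summarize(text):
    """Count denials per (source type, target type, class, permissions)."""
    counts = Counter()
    for rec in unwrap(text):
        # Only AVC records carry the denial; SYSCALL/AVC_PATH/CWD/PATH are skipped.
        m = AVC_RE.search(rec) if rec.startswith("type=AVC ") else None
        if m:
            # An SELinux context is user:role:type:level; the type is field 3.
            src, tgt = (m[k].split(":")[2] for k in ("scon", "tcon"))
            counts[(src, tgt, m["tclass"], tuple(sorted(m["perms"].split())))] += 1
    return counts

if __name__ == "__main__":
    for (src, tgt, cls, perms), n in sorted(summarize(SAMPLE).items()):
        print(f"{n}x  {src} -> {tgt}:{cls} {{ {' '.join(perms)} }}")
```

The summary only groups what was denied to `openvpn_t`; it does not say which of those accesses the policy ought to allow.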

Comment 1 Steven Pritchard 2006-07-17 18:42:02 UTC

*** This bug has been marked as a duplicate of 187305 ***

