Fedora Account System
Red Hat Associate
Red Hat Customer
setting selinux to be enforced, openvpn subsequently fails to startup: type=AVC msg=audit(1153071923.115:352): avc: denied { search } for pid=22678 comm="openvpn" name="tun0" dev=sysfs ino=112568 scontext=root:system_r:openvpn_t:s0 tcontext=system_u:object_r:sysfs_t:s0 tclass=dir type=AVC msg=audit(1153073406.417:7): avc: denied { use } for pid=1629 comm="openvpn" name="console" dev=tmpfs ino=745 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fd type=AVC msg=audit(1153073406.417:7): avc: denied { use } for pid=1629 comm="openvpn" name="console" dev=tmpfs ino=745 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fd type=AVC msg=audit(1153073406.417:7): avc: denied { use } for pid=1629 comm="openvpn" name="console" dev=tmpfs ino=745 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:system_r:init_t:s0 tclass=fd type=SYSCALL msg=audit(1153073406.417:7): arch=40000003 syscall=11 success=yes exit=0 a0=84bb478 a1=84ce858 a2=84ced10 a3=84c2ec0 items=2 pid=1629 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="openvpn" exe="/usr/sbin/openvpn" subj=system_u:system_r:openvpn_t:s0 type=AVC_PATH msg=audit(1153073406.417:7): path="/dev/console" type=AVC_PATH msg=audit(1153073406.417:7): path="/dev/console" type=AVC_PATH msg=audit(1153073406.417:7): path="/dev/console" type=CWD msg=audit(1153073406.417:7): cwd="/etc/openvpn" type=PATH msg=audit(1153073406.417:7): item=0 name="/usr/sbin/openvpn" inode=4364840 dev=09:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:openvpn_exec_t:s0 type=PATH msg=audit(1153073406.417:7): item=1 name=(null) inode=262150 dev=09:02 mode=0100755 ouid=0 ogid=0 rdev=00:00 obj=system_u:object_r:ld_so_t:s0 type=AVC msg=audit(1153073406.925:8): avc: denied { search } for pid=1629 comm="openvpn" scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir type=SYSCALL msg=audit(1153073406.925:8): arch=40000003 syscall=149 success=no exit=-1 a0=bfae3af0 a1=4ccff4 a2=4d0340 a3=bfae3ae8 items=0 pid=1629 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="openvpn" exe="/usr/sbin/openvpn" subj=system_u:system_r:openvpn_t:s0 type=AVC msg=audit(1153073406.925:9): avc: denied { search } for pid=1629 comm="openvpn" name="kernel" dev=proc ino=-268435417 scontext=system_u:system_r:openvpn_t:s0 tcontext=system_u:object_r:sysctl_kernel_t:s0 tclass=dir type=SYSCALL msg=audit(1153073406.925:9): arch=40000003 syscall=5 success=no exit=-13 a0=9223c0 a1=0 a2=0 a3=b7f328cc items=1 pid=1629 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) comm="openvpn" exe="/usr/sbin/openvpn" subj=system_u:system_r:openvpn_t:s0 type=CWD msg=audit(1153073406.925:9): cwd="/etc/openvpn" type=PATH msg=audit(1153073406.925:9): item=0 name="/proc/sys/kernel/version" obj=system_u:object_r:lib_t:s0
*** This bug has been marked as a duplicate of 187305 ***