On Thu, Feb 12, 2009 at 04:58:27PM -0300, Miguel Rozsas wrote:
>
> I just figure out how to fix the SELinux issue.
> I learned somewhere in the net in a SELinux tutorial that when you copy a
> file from one place to another you are copying the SELinux attributes too.
> But when you create a new file it has the right selinux attributes for that
> location.
>
> So I did, (as root):
> [code]
> touch /etc/openvpn/user.pem
> touch /etc/openvpn/key.pem
> touch /etc/openvpn/cacert.pem
> cp ~miguel/tmp/user.pem /etc/openvpn/user.pem
> cp ~miguel/tmp/key.pem /etc/openvpn/key.pem
> cp ~miguel/tmp/cacert.pem /etc/openvpn/cacert.pem
> chmod a+r /etc/openvpn/*.pem
> [/code]
>
> and I setup the NM-vpn using the files on /etc/openvpn, not the ones on my
> home.
>
> If you have a better idea/solution I want to hear you.
>
Assuming Fedora 10 has the same SELinux setup and tools as Fedora 9:
In Fedora 9, there is a SELinux boolean "openvpn_enable_homedirs"
which is not set by default. You can set this by using setsebool
(policycoreutils package) or system-config-selinux (from the
policycoreutils-gui package). After you have done this, you can
copy your SSL key and certs back to the home dir.
Robert
_______________________________________________
NetworkManager-list mailing list
[email protected]
http://mail.gnome.org/mailman/listinfo/networkmanager-list
