> [don@mclachlan1 ~]$ cat /etc/rc.local > #!/bin/sh > # > # This script will be executed *after* all the other init scripts. > # You can put your own initialization stuff in here if you don't > # want to do the full Sys V style init stuff. > > touch /var/lock/subsys/local > > # DGM 08/05/2011 - work around Fedora 14 / SELinux bug. > echo 0 > /selinux/enforce > /sbin/shorewall start > echo 1 > /selinux/enforce > > Thanks again, > Don Apologies Don, there is a better and more permanent solution to this (this is what I have done - and alluded to, though not very clearly - in my last post):
execute the following 2 statements as root: semanage fcontext -a -t bin_t /usr/share/shorewall/getparams restorecon -vF /usr/share/shorewall/getparams After this, the security context on getparams should have been amended from "usr_t" to "bit_t". To make sure of that execute "ls -lasZ /usr/share/shorewall/getparams" and you should clearly see the security context on this file as "bin_t". Once that is so, you don't have to do anything else - no need to amend your rc.local. Apologies for not making this much clearer! ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
