fedora-selinux August 2010 archive
Main Archive Page > Month Archives  > fedora-selinux archives
fedora-selinux: Re: avc { module_request, relabelfrom }: openvpn

Re: avc { module_request, relabelfrom }: openvpn->tun

From: Dominick Grift <domg472_at_nospam>
Date: Wed Aug 18 2010 - 09:24:48 GMT
To: Mr Dash Four <mr.dash.four@googlemail.com>

On 08/18/2010 11:21 AM, Mr Dash Four wrote:
>

> There was a suggestion for change to tor.te a while ago as well (see
> tor: dac_override, dac_read_search, name_bind and net_bind_service
> thread) - the new version of tor (2.x) provides dns resolution as part
> of the service it runs, so it needs to bind to udp/53 and the statement:
>
> corenet_udp_bind_dns_port(tor_t)

It is best to report this to bugzilla.redhat.com in the selinux-policy
component. Thanks in advance.

> does the trick when it is included in tor.te. Currently I do this with
> patching, but it would be nice to have it as part of the policy in a
> similar way it was done with openvpn.
>

-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux