avc { module_request, relabelfrom }: openvpn->tun
Dominick Grift
domg472 at gmail.com
Wed Aug 18 09:24:48 UTC 2010
On 08/18/2010 11:21 AM, Mr Dash Four wrote:
>
> There was a suggestion for change to tor.te a while ago as well (see
> tor: dac_override, dac_read_search, name_bind and net_bind_service
> thread) - the new version of tor (2.x) provides dns resolution as part
> of the service it runs, so it needs to bind to udp/53 and the statement:
>
> corenet_udp_bind_dns_port(tor_t)
It is best to report this to bugzilla.redhat.com in the selinux-policy
component. Thanks in advance.
> does the trick when it is included in tor.te. Currently I do this with
> patching, but it would be nice to have it as part of the policy in a
> similar way it was done with openvpn.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20100818/5bc99894/attachment.bin
More information about the selinux
mailing list