SELinux: how to allow NM / OpenVPN to access my homedir?
Ed Greshko
Ed.Greshko at greshko.com
Wed May 8 09:33:48 UTC 2013
On 05/08/13 17:17, Mihamina Rakotomandimby wrote:
> Hi all,
>
> I configured NM/OpenVPN to get the needed certificates from my homedir ${HOME}/openvpn/*
>
> When trying to launch, it fails because of:
>
> May 8 12:12:51 mihamina-i5 setroubleshoot: SELinux is preventing /usr/sbin/openvpn from open access on the file /home/mihamina/openvpn/mihamina.crt. For complete SELinux messages. run sealert -l 2a4693c2-93a8-4d29-94a5-0b0fdd89e592
> May 8 12:12:56 mihamina-i5 NetworkManager[659]: <info> VPN service 'openvpn' disappeared
> May 8 12:13:19 mihamina-i5 /usr/bin/sealert: exception ValueError: unknown locale: en_DK
> May 8 12:13:26 mihamina-i5 /bin/sealert: exception ValueError: unknown locale: en_DK
>
>
> What to do? I really want to give its chance to SELinux... :-)
>
>
What you really want to do is store your certs in $HOME/.cert. That directory is defined in selinux policy and will have the proper context.
[egreshko at meimei ~]$ ls -dZ .cert
drwxrwxr-x. egreshko egreshko unconfined_u:object_r:home_cert_t:s0 .cert
--
The only thing worse than a poorly asked question is a cryptic answer.
More information about the users
mailing list