SELinux and Shorewall with IPSets
Mr Dash Four
mr.dash.four at googlemail.com
Tue Jun 29 13:22:47 UTC 2010
> So I'm curious as to why this isn't working for you. Did the restorecon
> command in fact change the label of the program to iptables_exec_t? Did
> you get the same AVC message as before?
>
>
Exactly the same message - no difference!
I am willing to investigate this further to get to the bottom of it.
When I do not have my custom .pp and FC tries to start the shorewall
service it fails (sometimes it gives me the alert, some times it
doesn't). When I try to execute "service shorewall start" (as root) it
always fails and always gives me those alerts (as I mentioned they are
exactly the same, but I will have a closer look again). I will post
these logs again (+ what I am doing/executing) when I have the chance to
get to it - later today may be.
More information about the selinux
mailing list